Versions Compared

Old Version 25

changes.mady.by.user Bruno Miretti (Deactivated)

Saved on

compared with

New Version 26

changes.mady.by.user Bruno Miretti (Deactivated)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: layout reviewed / PDF export

Anchor
TOC
TOC
Include Page
KBCOMMON:KB-CSSstyle
KBCOMMON:KB-CSSstyle

...

Software licenses

The CHARON-VAX / CHARON-PDP Software License (SL) is a "virtual" key with exactly the same functionality as the hardware dongle. It does not require any hardware but the installation of the Sentinel run-time environment is required.

Note

The Software Licenses (SL) are best suited for stable environments because their correct function depends on certain characteristics of the host system. Changing any of these characteristics will invalidate the license.

  • If the CHARON host runs on real hardware, the software licenses are by default tightly bound to the hardware for which they were issued. If major hardware characteristics of the system are changed, the license will be disabled.
  • If the CHARON host runs in a virtual environment (e.g. VMware), software licenses are normally bound to the virtual machine ID and a set of additional characteristics of the virtual machine. If any of these parameters are changed, the license will be disabled.

For a more detailed description of the restrictions, please refer to Software Licensing restrictions or contact your Stromasys representative.

Software licenses are always network-wide on Windows, so they behave the same way as Network HASP keys.

Include Page
KBCOMMON:DOC-GoToToc
KBCOMMON:DOC-GoToToc

Div
classpagebreak


Multiple licenses configuration and backup license

For any type of licensing, a CHARON VM can use only one valid ("active") license (of given vendor code) at a time.

The "HASP License details" utility (it can be started from CHARON Virtual Machines Manager) displays a range of available licenses but note that, by default, a CHARON VM may use any of them as the "active" one - unless it is directly specified by the "license_key_id" parameter (see below). The utility provides the license numbers and ID / IP addresses of the hosts where the licenses are installed.

The general recommendation is to avoid the usage of multiple keys in one network segment. Use only one locally installed license per host or one network license per local network segment containing several CHARON hosts.

When needed, it is possible to use a special parameter in the CHARON VM configuration files to specify exactly which license must be used by each particular CHARON VM:

Parameter

license_key_id

TypeText string
Value

A set of Sentinel Key IDs that specifies the license keys to be used by CHARON. It is also possibly to use a keyword "any" to force CHARON to look for a suitable license in all available keys if the license is not found in the specified keys.

Example:


set session license_key_id = "1877752571,354850588,any"

Based on the presence of this parameter in the configuration file, CHARON behaves as follows:


  1. No keys are specified (the parameter is absent)
    CHARON performs an unqualified search for any suitable key in unspecified order. If no key is found, CHARON exits.

  2. One or many keys are specified
    CHARON performs a qualified search for a regular license key in the specified order. If it is not found, CHARON exits (if the keyword "any" is not set).

If the keyword "any" is specified then if no valid license has been found in the keys with specified ID’s all other available keys are examined for valid license as well.

The order in which keys are specified is very important. If a valid license was found in the key which ID was not the first one specified in configuration file, then available keys are periodically re-scanned and if the key with the ID earlier in the list than the current one is found CHARON tries to find a valid license there and in case of success switches to that key.

This parameter also specifies the license which will be used as backup if the active license expires.

...

At the moment CHARON supports Sentinel HASP keys, Sentinel HL and Sentinel Software Licenses (SL).

...

Installation of a CHARON-VAX / CHARON-PDP regular or network license consists of:
 

  1. Installation of the Sentinel run-time environment on the CHARON-VAX / CHARON-PDP host (regular and network keys) or on the host that will distribute CHARON-VAX / CHARON-PDP licenses over a local network segment (network key only). The Sentinel software is installed automatically by CHARON-VAX / CHARON-PDP for Windows.
  2. Physical connection of the HASP license dongle to the CHARON-VAX / CHARON-PDP host or to the host distributing the CHARON-VAX / CHARON-PDP license over the local network segment.
  3. Collecting the system fingerprint (*.c2v file), sending it to STROMASYS and applying the update (*.v2c file) in case of software license (and in case of updating HASP dongle license). See the details below.

When a manual installation of the Sentinel run-time is required (in the case of the network license server that does not have CHARON-AXP installed):

  1. Login as Administrator
  2. Open the CHARON-VAX/PDP kit folder
  3. Switch to the "hasp_install" subfolder
  4. Unzip the archive "haspdinst.zip" located in this folder
  5. Open "cmd.exe" and switch to the folder where the files were unzipped

  6. Execute the following commands:


    ...> haspdinst.exe -fr -kp -nomsg

    ...> haspdinst.exe -install -cm


  7. Extract the contents of this archive "hasplib.zip" to the same directory.
  8. Copy the file "haspvlib_68704.dll" to "C:\Program Files (x86)\Common Files\Aladdin Shared\HASP" (in case of x64 host) or "C:\Program Files\Common Files\Aladdin Shared\HASP" (in case of x86 host)


Info

Note that the following operations have to be performed on installation phase for network licenses:

  • On the server side (where the network license will reside): open port 1947 for both TCP and UDP
  • On the client side, if broadcast search for remote licenses is to be used, UDP traffic from port 1947 of the license server to ports 30000-65535 of the client must be permitted.
  • Both on server and client sides: setup default gateway

Please consult with your Windows User's Guide on details.

If stricter firewall rules are required, it is possible to open the ports 30000-65535 and 1947 only for the "Sentinel HASP License Manager" (hasplms.exe) service (it will be installed by CHARON-VAX / CHARON-PDP).


Include Page
KBCOMMON:DOC-GoToToc
KBCOMMON:DOC-GoToToc


Div
classpagebreak



...

Disable remote keys access 

A helpful feature of the Sentinel Admin Control Center is the ability to disable access to remote keys. If the network key is installed locally, access to the key from remote hosts can be disabled. The following examples demonstrate how this can be done.

...

Removing CHARON-VAX / CHARON-PDP software licenses

The following procedure must be applied to remove the software license (SL):


  1. Open the CHARON Virtual Machines Manager, switch to the "Host Information & Utilities" tab and press the "Sentinel Admin Control Center" button:

    or - alternatively - start any web browser on this system and go to the http://localhost:1947 page.

  2. In the "Sentinel HASP Admin Control Center" (ACC), select the "Sentinel Keys" option in the left pane and locate the target "Sentinel SL AdminMode" license.

  3. Press the "Certificates" button at the right side of the SL description:


    .

    Div
    classpagebreak



  4. Note the name of the correspondent certificate in the "Certificates" section. The name is in the form of <KeyID>_base.v2c
  5. Remove the corresponding certificate file in the "C:\Program Files\Common Files\SafeNet Sentinel\Sentinel LDK\installed\68704" folder.
  6. Reboot the CHARON host.
  7. Start the "Sentinel HASP Admin Control Center" (ACC) again to ensure the SL has been removed.
Include Page
KBCOMMON:DOC-GoToToc
KBCOMMON:DOC-GoToToc

License Deinstallation

...