Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Clarification regarding dongle battery

Anchor
TOC
TOC
Include Page
KBCOMMON:KB-CSSstyle
KBCOMMON:KB-CSSstyle

...

In some emulator products it is possible to configure the number of retries and the waiting time between them by adding parameters to the emulator configuration file. Please refer to the product documentation for the details regarding the relevant parameters: license_retry_period and license_retry_count parameters (obsolete starting with version 1.10)

2. At regular intervals during the runtime of the emulator (the default license check period of 1 hour can be changed by Stromasys using the appropriate license parameters):

...

  • Hardware dongles require the Sentinel HASP run-time (driver) installation before the dongle can be connected to and used by the system.
  • Hardware dongles (with the exception of , apart from HL-MAX dongles) , are equipped with a battery and a clock, which makes them independent of the host clock. To keep the battery charged, the dongle should occasionally be The battery is not rechargeable. However, the dongle can use the power provided by the host system while it is plugged in. By doing this, the depletion of the battery can be slowed down. Check the dongle at regular intervals if it is not permanently connected to a system even if it is not currently needed. If the battery becomes completely depleted, the dongle will be permanently unusable and must be replaced. See also: How long does the license USB dongle battery last upon a full charge.

Software License

A software license is a "virtual" key with functionality very similar to a HASP network-enabled hardware dongle.

A software license does not require any special hardware but it still requires installation of the Sentinel runtime environment

Please note:

  • To avoid unexpected problems, do not use any Sentinel runtime software that was not provided by Stromasys without being advised to do so by your Stromasys representative.
  • Software licenses are best suited for stable environments, because their correct function depends on certain characteristics of the host system. Changing any of these characteristics will invalidate the license.
    • If the Charon host runs on real hardware, software licenses are by default tightly bound to the hardware for which they were issued. If major hardware characteristics of the system are changed, the license will be disabled.
    • If the Charon host runs in a virtual environment (e.g., VMware), software licenses are normally bound to the virtual machine ID and a set of additional characteristics of the virtual machine. If any of these parameters are changed, the license will be disabled.
  • Software licenses are very sensitive to even small changes on the host system. Therefore, it is especially important to provide for a backup license that will ensure continued operation should there be a problem with the software license. See Handling Multiple License Keys and Product Licenses for details.

For a more detailed description of the restrictions, please refer to HASP Software Licensing restrictions or contact your Stromasys representative.

...

classpagebreak

...

After installing a license on the system, verify the availability of the license as described in the section View Existing Licenses.

Check if the license shows the correct product, expiration date etc.

...

To identify the relevant key IDs, display the available licenses as described in section View Existing Licenses.

To get information about modifying the Charon configuration files, refer to the appropriate sections in the user's guide.

...

To identify the relevant key IDs, display the available licenses as described in section View Existing Licenses.

To get information about modifying the Charon configuration files, refer to the appropriate sections in the user's guide.

...

To identify the relevant product license IDs, display the available licenses as described in section View Existing Licenses.

To get information about modifying the Charon configuration files, refer to the appropriate sections in the user's guide.

...

  • If you have not installed the license server yet (and for any more in-depth information), please refer to the VE license server user's guide (see Licensing Documentation).

  • The information below shows the command-line tools for license management. Starting with version 1.1.16 of the VE license server, these activities can also be performed using a web-based management GUI. Please refer to the appropriate VE license server user's guide (see chapter VE License Server Web-based Management GUI in the VE license server documentation under Licensing Documentation).

Firewall Considerations

...

nameVEFWconsiderations

VE Licensing Certificates Overview

This section applies to Charon-PAR version 3.0.11 and later.

This section provides a short overview of the certificates used by the VE license server and Charon-PAR. Please refer to the VE license server documentation for details.

The VE license server uses certificates for different purposes:

  • License server operation: encrypted communication between license server and license clients (emulators).

    • New certificate support in the VE license server started with version 2.1.3. Changed certificate names starting with VE license server 2.2.2.

    • New certificate support for Charon-PAR started with version 3.0.11.

  • Web-based management GUI: encrypted (HTTPS) communication between the integrated license server web server and web browsers. Starting with VE license server version 2.1.4, the name of the certificate and its management changed. Please refer to the VE license server documentation.

Important information:

  • General VE license server configuration:

    • The VE license server will – by default – use the old certificates. Therefore, compatibility with existing Charon clients will be maintained during an upgrade of the license server.

    • If the new certificates (using pre-defined names) are present in /opt/license-server/certs, these will be used and clients will have to use matching certificates. Please refer to the VE license server documentation for information how to activate the new certificates and, if desired, create custom certificates.

  • Checking if the new certificates are enabled in a Charon-PAR installation:

    • Certificate location: /opt/charon/bin/certs

    • Sample certificate names: ca.crt.sample, charon.crt.sample, and charon.key.sample

    • If the directory contains the above files without the .sample suffix (e.g., ca.crt, charon.crt, charon.key), the new certificates have been enabled. On the license server, the sample files (for root CA and license server) are in /opt/license_server/certs. Please see the VE License Server guide in License Documentation for more information.

  • Make sure you understand the implications and possible side-effects before changing the certificate configuration. Incorrect configurations can lead to the loss of license access and interruptions in operation.

Firewall Considerations

Excerpt
nameVEFWconsiderations

If the VE license server is not installed on the same system as the emulator, any intermediate firewall must allow at least the port on which the license is served. Optionally, the firewalls must allow the port on which the web-based GUI is available. These ports are configurable on the VE license server. The default values are the following:

  • Default port on which licenses are served by the VE license server: TCP 8083.
  • Default port on which the web-based GUI runs: TCP 8084.


Div
classpagebreak


Creating a C2V File on a VE License Server

...

Insert excerpt
PDC:__Include: Installing a License on the VE License Server
PDC:__Include: Installing a License on the VE License Server
nameVEesxi_bind
nopaneltrue

Div
classpagebreak


Creating a VE C2V File and Sending it to Stromasys

...

  1. Use ssh to log in on the license server instance.
    # ssh -i ~/.ssh/<mykey> <user>@<license-server-ip>
    where

    1. <mykey> is the private key of the key-pair you associated with your cloud instance
      (for an on-premises VMware installation where login with username/password is allowed, it is not needed)

    2. <user> is the user for interactive login associated with your license server instance (e.g., opc on OCI, centos for a CentOS instance on AWS, or the custom user on your VMware virtual machine or physical server; for an instance installed from a prepackaged Charon VE marketplace image, use centos sshuser)

    3. <license-server-ip> is the ip address of your license server system

  2. Become the privileged user and run the c2v program.

    1. Become the root user: # sudo -i

    2. Run the c2v program: # /opt/license-server/c2v --filename <my-file>.c2v --platform <my-platform>
      where

      1. <my-file>.c2v is the path and name under which you want to store the fingerprint. The file type is C2V (customer-to-vendor)

      2. <my-platform> indicates the platform on which the license server runs (possible values: physical, aws, oci, gcp, azure, ibm, nutanix, or esxi).

  3. Copy the resulting C2V file to your local system (unless you can send email from the license server system).

  4. Send the C2V file to the Stromasys orders department (email address will be provided by Stromasys).

...

  1. Copy the V2C file to the license server (e.g., with SFTP).

  2. Use ssh to log in on the license server instance.
    # ssh -i ~/.ssh/<mykey> <user>@<license-server-ip>
    where

    1. <mykey> is the private key of the key-pair you associated with your license server instance
      (for an on-premises VMware installation where login with username/password is allowed, it is not needed)

    2. <user> is the user for interactive login associated with your license server instance (e.g., opc on OCI, centos for a CentOS instance on AWS, or the custom user on your VMware virtual machine or your physical server; for an instance installed from a prepackaged Charon VE marketplace image, use centos sshuser)

    3. <license-server-ip> is the ip address of your license server system

  3. Become the privileged user and run the v2c program.

    1. Become the root user: # sudo -i

    2. Run the v2c program: # /opt/license-server/v2c -f <my-file>.v2c
      where <my-file>.v2c is the path and name under which you want to store the fingerprint. The file type is V2C (vendor-to-customer).

...

  1. Use ssh to log in on the license server instance.
    # ssh -i ~/.ssh/<mykey> <user>@<license-server-ip>
    where

    1. <mykey> is the private key of the key-pair you associated with your license server instance
      (for an on-premises VMware installation where login with username/password is allowed, it is not needed)

    2. <user> is the user for interactive login associated with your license server instance (e.g., opc on OCI, centos for a CentOS instance on AWS, or the custom user on your VMware virtual machine or your physical server; for an instance installed from a prepackaged Charon VE marketplace image, use centos sshuser)

    3. <license-server-ip> is the ip address of your license server system

  2. Become the privileged user and run the license_viewer program.

    1. Become the root user: # sudo -i

    2. Run the license_viewer program: # /opt/license-server/license_viewer

...

  • The two services have a dependency such that starting one of them will start the other, stopping one of them will stop the other, and restarting one of them will restart the other.
  • Starting the services:
    # systemctl start aksusbd
    # systemctl start hasplmd
  • Stopping the services:
    # systemctl stop aksusbd
    # systemctl stop hasplmd
Div
classpagebreak


VE License Server Process

...