Contents

Important Information to Protect the License Validity

Certain actions can invalidate your license. Therefore, once you have installed your license, please note the following points:

For cloud deployments: if supported by the cloud provider, the VE license server instance can be moved to a different subnet, as long as the original instance can be moved.

It is also possible to backup and restore (to the same instance) the license server data.

However, the following actions will invalidate the license:

Cloud and VMware environments:
- Copying the license server data to a different instance
- Seriously damaging the root filesystem of the license server system
- Re-installing the license server system
- Copying the virtual machine on which the license server runs
- Changing the number of CPU cores of the license server system.
VMware environments:
- If the license server is bound to the ESXi host: using vMotion on the VM in which the VE license server runs
- Changes to the API interface of the ESXi host or vCenter Server

Requesting and Installing a License

Perform the following basic steps to request and install a license:

VMware only: for the first license request in a VMware environment, or if the binding data has changed, use the esxi_bind command to bind the license server to its ESXi host or vCenter Server.
Collect the fingerprint (the customer-to-vendor - or C2V - file) on the license server and (if applicable) the backup license server.
Send the fingerprint data to Stromasys stating the license requirements based on your contract with Stromasys (product version, number of concurrent instances, is this the main or the backup license, etc.). Stromasys will send you the license data. Please also indicate if you require a license with or without a passphrase (can be selected per product section). The use of a passphrase requires Charon-SSP emulator versions 4.3.x and higher and VE license server versions 1.1.x and higher.
Install the license data (the vendor-to-customer - or V2C - file) on the license server and (if applicable) on the backup license server.
Verify the license installation.

These basic steps are described in more detail below.

Running the esxi_bind Command (VMware environment only)

The esxi_bind command sets up the necessary communication connection between the VE license server and the ESXi host / the vCenter Server.

It must be run on the license server (and the backup license server, if applicable)

once before the first license is requested,
and again should the user, the password, or the address data for the access to the ESXi host / the vCenter Server change.

Perform the following steps:

Use ssh to log in on the license server instance (assuming that username/password login is possible for an on-premises VMware installation).
# ssh <user>@<license-server-ip>
where
1. <user> is the user for interactive login associated with your license server system
2. <license-server-ip> the ip address of your license server system
Become the privileged user and run the esxi_bind program.
1. Become the root user: # sudo -i
2. Run the esxi_bind program: # /opt/license-server/esxi_bind -a <address> -u <username> -p <password>where
  1. <address> is the IP address of the ESXi host or vCenter Server
  2. <username> is a user with administrative rights on the ESXi host or vCenter Server
  3. <password> is the password of the administrative user
If the command is successful, it will create the file /opt/license-server/config.ini containing the connection data (the password is encrypted).

Collecting the Fingerprint Data on the License Server

The fingerprint is collected on the license server using the c2v utility.

Perform the following steps to collect the fingerprint on the license server and (if applicable) the backup license server:

Use ssh to log in on the license server instance.
# ssh -i ~/.ssh/<mykey> <user>@<license-server-ip>
where
1. <mykey> is the private key of the key-pair you associated with your cloud instance
  (for an on-premises VMware installation where login with username/password is allowed, it is not needed)
2. <user> is the user for interactive login associated with your license server instance (e.g., opc on OCI, centos for a CentOS instance on AWS, or the custom user on your VMware virtual machine;
  for an instance installed from a prepackaged Charon-SSP VE marketplace image, use sshuser)
3. <license-server-ip> is the ip address of your license server system
Become the privileged user and run the c2v program.
1. Become the root user: # sudo -i
2. Run the c2v program: # /opt/license-server/c2v --filename <my-file>.c2v --platform <my-platform>where
  1. <my-file>.c2v is the path and name under which you want to store the fingerprint. The file type is C2V (customer-to-vendor)
  2. <my-platform> indicates the platform on which the license server runs (possible values: aws, oci, gcp, azure, ibm, or esxi)
Copy the resulting C2V file to your local system (unless you can send email from the license server system).

Sending the C2V File to Stromasys and Receive License Data File

Stromasys or your Stromasys VAR will provide you with an email address to which you should send the C2V file you created in the previous step. Please indicate if you require a license with or without a passphrase (can be selected per product section). The use of a passphrase requires Charon-SSP emulator versions 4.3.x and higher and VE license server versions 1.1.x and higher.

In response, you will receive a so-called V2C (vendor-to-customer) file which contains the license data. The content of the license (type of emulated SPARC, expiration date, number of concurrent instances, etc.) depends on your contract with Stromasys. You may also receive a text file containing the license content in human readable form.

Installing the License Data on the License Server

The license data is installed on the license server using the v2c utility.

Perform the following steps to install the license on the license server:

Copy the V2C file to the license server (e.g., with SFTP).
Use ssh to log in on the license server instance.
# ssh -i ~/.ssh/<mykey> <user>@<license-server-ip>
where
1. <mykey> is the private key of the key-pair you associated with your license server instance
  (for an on-premises VMware installation where login with username/password is allowed, it is not needed)
2. <user> is the user for interactive login associated with your license server instance (e.g., opc on OCI, centos for a CentOS instance on AWS, or the custom user on your VMware virtual machine);
  for an instance installed from a prepackaged Charon-SSP VE marketplace image, use sshuser)
3. <license-server-ip> is the ip address of your license server system
Become the privileged user and run the v2c program.
1. Become the root user: # sudo -i
2. Run the v2c program: # /opt/license-server/v2c -f <my-file>.v2cwhere <my-file>.v2c is the path and name under which you want to store the fingerprint. The file type is V2C (vendor-to-customer).

After the installation of the V2C file, the license server will be restarted.

Please note:

Please note that to install a license with a new license ID (or another changed static parameter - see below), the old license must first be removed in an additional step (see Removing a License from a VE License Server).
In versions before 1.0.17, the license server will not start until a valid license has been installed.

The following example shows the installation of a V2C file:

$ sudo /opt/license-server/v2c -f mylicense.v2c 
<<V2C>> Going to import "mylicense.v2c" ...
<<V2C>> Imported "mylicense.v2c" successfully.
<<V2C>> Restarting license server ...
<<V2C>> Done

Verifying License Installation and License Content

Checking the License Server Log file

Check the license server log file to see if the server started successfully or reported an error. Use the following command (as the privileged user):
# cat /opt/license-server/license_log/license.log

The log should indicate that the license server is ready to serve licenses.

Using the license_viewer Program to Display the Content of a License

The license server provides a license_viewer program to view the content of the license. To run it, use the following command (as the privileged user):

# /opt/license-server/license_viewer

The following sample shows the output of two active Charon-SSP licenses - once on the AWS cloud without a passphrase, once in VMware environment with a passphrase:

# /opt/license-server/license_viewer
<<License Viewer>> Current license:
KEYSEC
K_FINGER=58ca76281dd3d99b49252b2c <data truncated>
K_LICENSE_ID=01.00000001.002.044
K_TYPE=NORMAL
K_CUSTOMER=Stromasys/Testing
K_PLATFORM=amazon.aws
K_R_DATE=1593308781
K_INTERVAL=60
KEYEND
PRODSEC
P_NAME=Charon-SSP/4U,Charon-SSP/4U+
P_CODE=test
P_RLSD=31-DEC-2020 23:55:00
P_MAJV=4
P_MINV=2
P_CPU_NUM=4
P_MAX_MEM=4096MB
P_INSTANCE=4
PRODEND

# /opt/license-server/license_viewer
<<License Viewer>> Current license:
KEYSEC
K_FINGER=c1187c24612b4ee15b076eb8ccdd <data truncated>
K_LICENSE_ID=03.00000003.002.005
K_TYPE=NORMAL
K_CUSTOMER=Stromasys/Testing
K_PLATFORM=vmware.esxi
K_R_DATE=1612976069
K_INTERVAL=60
KEYEND
PRODSEC
P_NAME=Charon-SSP/4M,Charon-SSP/4U
P_CODE=Charon-SSP VAR Template
P_RLSD=14-AUG-2021 23:55:00
P_MAJV=4
P_MINV=4
P_CPU_NUM=64
P_MAX_MEM=4194304MB
P_INSTANCE=3
P_PASSPHRASE=RBHZ-GTHC-5O52-MGAL
PRODEND

Important product-specific license parameters:

P_RLSD is the expiration date.
P_MAJV and P_MINV are the major and minor product versions.
P_CPU_NUM defines the maximum number of CPUs in an emulated system (emulated SPARC in the example).
P_MAX_MEM defines the maximum amount of RAM in an emulated system.
P_INSTANCE defines the maximum number of concurrently running emulated systems.
P_PASSPHRASE defines the passphrase that must be configured on the license client system.

Important key-specific license parameters:

K_PLATFORM: the platform for which the license has been created. This parameter cannot be changed by a license update.
K_CUSTOMER: the owner of the license. This parameter cannot be changed by a license update. If a change is required, the existing license must be removed before creating a new fingerprint.
K_LICENSE_ID: in older versions, the license ID changed if the license server software was reinstalled; in newer versions, it will remain unchanged as long as the license server host instance is not re-installed. This parameter cannot be changed by a license update. If a change is required, the existing license must be removed before creating a new fingerprint.
K_TYPE: possible values are NORMAL (time-limited or perpetual license) or COUNTDOWN (limited to a certain number of emulator runtime hours).
K_EXPIRED: configured number of emulator runtime hours. The remaining hours can be seen in the web interface of the license server and the emulator log file.
K_INTERVAL: configured license check interval.

Using the Web Interface

The license server provides a web interface to display important license characteristics and a list of currently connected client systems and emulator instances.

Prerequisite: access to TCP port 8084 of the license server must be possible.

The following image shows sample output of a backup license with 179 hours and 57 minutes of runtime remaining:

The following image shows sample output of a regular license with an expiration date and one client attached:

The first section of the samples shows the characteristics of the license. The second section shows the client running a Charon-SSP instance that is connected to the license server. In this example, client and license server are installed on the same system and the client uses product section 1 (4M) of the three product sections on the license.

Browser not supported