The code below should be included whenever you want to verify a license key, which normally occurs during app start (eg. Form_Load for desktop apps). In addition, you can invoke it whenever a user updates the license key. In some licensing models, this check needs to be called periodically.
Getting started
1
Add client SDK/library
First, we need to install the client SDK / libraryUsing dotnet CLIIf you are targeting Mac, Linux or Unity/Mono, we recommend to use the cross platform version of that package.In Visual Studio package managerUsing dotnet CLI
Install Nuget package
In Visual Studio package manager2
Add namespace
3
Add key verification script
The following script will verify the license key with the server. To get it to work, you need to change the ProductId, the RSAPubKey, Access Token and licenseKey. More information can be found below the code snippet.RSAPubKey is found at the bottom of this page, under RSA Public Key section and it’s the same for the entire account. You don’t need to change it.Access token can be created on this page. For the code to work, please check “Activate” permission and leave other fields unchanged. Typically, an access token stays the same for all your products, however, you can always create a new one and make it product specific.ProductId is found on the product page and if you add the key verification script to a new product, this value needs to be changed in the code.LicenseKey is found on the product page and contains 20 characters of the following format AAAA-BBBB-CCCC-DDDD. Each end user/customer should normally receive their unique license key. The license key should not be hard coded inside the application. Instead, there should be a way for the user to enter it inside the application or other means.
.NET(C#/VB.NET) only: If your application will run in Unity/Mono, Rhino/Grasshopper or on a platform other than Windows, we recommend to use a different version of Key.Activate.
Troubleshooting
General
Result is null
Result is null
In most cases, this is because some of the required parameters are missing. These are:
RSAPubKeyauthProductId
licenseKey is missing. Please check the beginning of the tutorial on how to find them.Note, if you have blocked a license key, it will also return a null result.
.NET specific (C#/VB.NET)
Helpers.GetMachineCode issues (in Windows environments)
'System.MethodAccessException' when calling Helpers.GetMachineCode
Helpers.GetMachineCode issues (in Windows environments)
'System.MethodAccessException' when calling Helpers.GetMachineCode
In some Windows environments (e.g. when developing Excel addins), it might not be feasible to call Helpers.GetMachineCode on .NET Framework 4.6. The reason for this is the call we make to If the approach above does not work, please try the following call instead:
System.Runtime.InteropServices.RuntimeInformation.IsOSPlatform. To fix this, we have added a boolean flag in Helpers class. Before calling Helpers.GetMachineCode or Helpers.IsOnRightMachine, please set Helpers.WindowsOnly=True.The namespace is missing
The namespace is missing
This means that Cryptolens.Licensing library was not included into the project. It can be easily added using NuGet packager manager, which you can find by right clicking on the project:
License verification is successful but signature verification fails
License verification is successful but signature verification fails
If you are
Issue with activation even if api.cryptolens.io is accessible in the browser
Issue with activation even if api.cryptolens.io is accessible in the browser
If your clients are able to visit Ideally, you should try to pick the highest available TLS version, but it is important to also test that such TLS version is supported in the .NET Framework vesion that you use.If possible, the best approach is to run the latest version of .NET Framework. If that is not possible, please use at least .NET Framework 4.7. In other cases, the workaround above can be used (i.e. manually specifying the TLS version).
app.cryptolens.io and api.cryptolens.io in Microsoft Edge but unable to activate the application, the issue could be both that they are using a proxy, connect to Active directory or that their IT department has blocked TLS of certain versions.To fix these issues, we recommend to:- Update to the latest version of the SDK.
- If you run a version of .NET Framework prior to .NET Framework 4.7, we recommend to manually specify which TLS should be used. Before any call to the API (for instance, Key.Activate performs an API call), we recommend to add the following line:
Issues with Newtonsoft.Json on .NET 4.8
Issues with Newtonsoft.Json on .NET 4.8
Some customers have reported an error with the right version of Newtonsoft.Json not being found. It seems to be localized to those that target .NET Framework 4.8, and the following error is shown:The error is thrown when a wrong version of Newtonsoft.Json is installed in the same project as Cryptolens.Licensing library. To fix this, you need to make sure that Newtonsoft.Json is uninstalled completely and then re-install Cryptolens.Licensing.
Python
The expiration date cannot be converted to a datetime object. Please try setting the period to a lower value
The expiration date cannot be converted to a datetime object. Please try setting the period to a lower value
This error occurs when the timestamp for the expiration date received from the server exceeds the limit in Python. This typically occurs when the Period is set to a excessively large value, often to prevent the license from expiring.While Cryptolens requires a period (defaulted to 30) during the creation of a new license, this does not mark the license as time-limited. You can learn more about it here. In essence, a license is treated as time-limited by either enforcing this in the Python code (e.g. if F1=true, the license is time-limited and so we check the expiration date against the current date, to see that it is still valid) or on the server side. On the server side, you can, for example, set up a feature that will automatically block expired licenses. You can read more about it here.In sum, to solve this issue, you can either follow one of the methods described above or set the period to a smaller value.
Issues with CA/SSL verification
Could not contact the server. Error message: <urlopen error [SSL: CERTIFICATE_VERIFY _FAILED] certificate verify failed: unable to get local issuer certificate (ssl.c:1125)>
Issues with CA/SSL verification
Could not contact the server. Error message: <urlopen error [SSL: CERTIFICATE_VERIFY _FAILED] certificate verify failed: unable to get local issuer certificate (ssl.c:1125)>
This error is thrown when the urllib library (a built in library in Python that we use to send HTTP requests) is unable to locate the CA files on the client machine. From our experience, this error occurs exclusively on Macs where the Python environment is incorrectly installed.To solve this temporarily for testing purposes, you could temporary disable SSL verifications as described in here, however, we do not recommend this in a production scenario. Instead, a better solution is to fix the underlying issue preventing the Python environment from finding the CA files.This can be accomplished in at least two ways:Using certifiBefore calling any of the API methods (e.g. Key.activate), you can add the following code:Please note that this requires
certifi package to be installed.Running a script in the Python environmentAn alternative is to run script in their environment that should fix the issue. You can read more about it in this thread: #65SummaryThe key takeaway is that it is better to address the issue with missing CA on the user side, since this issue will typically be user-specific. If that is not possible, you can use the code above to manually set the path to CA files. Although we have mentioned turning off SSL verification temporarily, it should not be used in production. Key.activate takes care of signature verification internally, but some other methods do not.Proxy
Proxy
If you have customers who want to use a proxy server, we recommend enabling the following setting before calling any other API method, such as Key.Activate.This will ensure that the underlying HTTP library (urllib) used by Cryptolens Python SDK will use the proxy configured on the OS level. The goal is to make this default behaviour in future versions of the library, once enough feedback is collected.
Turning off SSL (for troubleshooting only)
Turning off SSL (for troubleshooting only)
SSL verification can temporarily be disabled by adding the line below before any call to Key.Activate.The Cryptolens Python SDK will verify that the license information has not changed since it left the server using your RSA Public Key. However, we recommend to keep this value unchanged.
C++
How errors are reported in the C++ library is described in theREADME.md file, which is also available here.