Hi all;
We need to provide a license key to customers for our application. The actual license is XML but we need to encrypt it and then in our program decrypt it. I think it is the following, but am asking to make sure I'm not missing something:
- On our server create the XML for the key.
- On our server signs the XML using our private key.
- UUEncode the encrypted key so it emails ok.
- Email the key to our customer.
- The customer puts the key in their app.exe.config file.
- The app reads the key from the config file.
- The app UUDecodes the key.
- The app verifies the signature using our public key.
- We now have the XML and use the key properties.
Is this the best way to do this? If not, what approach should we take?
It looks like digitally signing an XML file provides this functionality. However:
- Where/how do I get the private key from the store? We are placing this on multiple servers so I need to put the key on each Azure server.
- Where/how do I store this on an Azure server? Is it encrypted in the web.config file?
- Where/how is the public key for verifying in this example? It looks like in the sample they use the same key for decrypting and that's not a good solution.
thanks - dave
What we did for the last 6 months - Made the world's coolest reporting & docgen system even more amazing