I am using Cryptlex v2.9.
When I upgrade Cryptlex to V3.x, I consider using the Web API to manage licenses.
Therefore, I checked whether the Web API could realize what was done with the LexActivator v3.x.
As a result, I have two questions.
Each time, your app starts, you need to verify whether your license is already activated or not.
This verification should occur locally by verifying the signature of the JWT activation token using the RSA public key.
From the above quote, I realize that if I want to validate a license with the web API, I have to implement myself to be able to validate the license locally.
However, I have used LexActivator to validate the license so far, so I do not know how to do it.
How do I determine that the license activation is correct?
- Verifies the HTTPS response signature using 2048 bit RSA public key.
- Stores the HTTPS response in an encrypted form on the disk using AES 128 bit symmetric encryption algorithm.
- Generates multiple fingerprints of the machine using an advanced device fingerprinting algorithm, which can be used to allow for different fingerprint matching strategies.
- Does virtual machine detection so you can prevent users from activating your licenses in virtual machines. Virtual machines can be cloned which may sometimes result in same fingerprint on different machines.
As quoted above, LexActivator provided many APIs.
If I use Web API, will these APIs be unnecessary?
If I need them, which APIs do I need to implement myself?