Hi,

Embedding the public key in the code will solve your problem. Instead of giving a certificate as a license, you could sign some arbitrary ASN1 structure that contains license information. That way, it will make it even more difficult for someone to guess your license structure.

Be careful when designing a solution that requires the client to connect to a license server. You may not have a network channel to connect to the license server as it might be blocked via a corporate firewall.

Himanshu Soni

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Michael Sierchio
Sent: Wednesday, September 11, 2002 8:10 AM
To: [EMAIL PROTECTED]
Subject: Re: Certificate as license?

Jasper Spit wrote:

> Hi,
>
> The following scenario. I'm running a company that sells software.
> When selling software to a new client I create a certificate for
> that client and sign it using my company's root certificate.
> The software in turn on startup checks if the client's certificate
> was signed by my company, by matching it against root.pem which
> contains my company's cert. However, when the client alters the
> root.pem, or creates its own CA and puts that one in root.pem,
> all will be lost :) Is there any way to bypass this? Has anyone
> done a thing like this before?

More times than I care to remember.

You could embed the root cert (or even pubkey) in the software...
You could require that it contact a license server...

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
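
The embedded-key check suggested in this thread, sketched with the `openssl` command line as an added example; it is not code from the original messages or from the OpenSSL project. The variable `EMBEDDED_PUB` stands in for a key compiled into the program, and the file names, license fields and plain-text license format (in place of an ASN.1 structure) are assumptions.

```shell
#!/bin/sh
# Constructed demo: file names, license fields and key size are assumptions.
WORK=$(mktemp -d)

# Vendor side: create a signing key (the private half never ships).
make_key() {  # $1 = output private key file
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$1" 2>/dev/null
}

# Vendor side: detached SHA-256 signature over the license data.
sign_license() {  # $1 = private key, $2 = license file; writes $2.sig
    openssl dgst -sha256 -sign "$1" -out "$2.sig" "$2"
}

# Client side: verify against the key built into the program
# (modelled here by $EMBEDDED_PUB), never against a root.pem on disk.
verify_license() {  # $1 = license file; returns 0 only for a valid signature
    printf '%s\n' "$EMBEDDED_PUB" > "$WORK/embedded.pem"
    openssl dgst -sha256 -verify "$WORK/embedded.pem" \
        -signature "$1.sig" "$1" >/dev/null 2>&1
}

report() {  # $1 = license file, $2 = label
    if verify_license "$1"; then echo "$2: accepted"; else echo "$2: rejected"; fi
}

make_key "$WORK/vendor.key"
EMBEDDED_PUB=$(openssl pkey -in "$WORK/vendor.key" -pubout)

# 1. License issued by the vendor.
printf 'customer=Example Corp\nseats=25\n' > "$WORK/genuine.lic"
sign_license "$WORK/vendor.key" "$WORK/genuine.lic"

# 2. Same signature, license text changed afterwards.
printf 'customer=Example Corp\nseats=2500\n' > "$WORK/edited.lic"
cp "$WORK/genuine.lic.sig" "$WORK/edited.lic.sig"

# 3. License signed by a key the vendor does not control
#    (the replaced root.pem case from the question).
make_key "$WORK/other.key"
cp "$WORK/genuine.lic" "$WORK/resigned.lic"
sign_license "$WORK/other.key" "$WORK/resigned.lic"

report "$WORK/genuine.lic"  "vendor-signed"
report "$WORK/edited.lic"   "edited after signing"
report "$WORK/resigned.lic" "signed by another key"
```

Only the first license is accepted. The check holds only as long as the embedded key and the verification code in the shipped program are themselves unmodified.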