Tranquil IT Forum

Published: **March 17, 2022 - 6:14 PM**

Hello,

I would like to activate a product using a license key stored in a package, but packages are not encrypted, so I followed this solution:

https://www.wapt.fr/fr/doc/wapt-create- ... pt-package.

The problem with this solution is that it requires generating the encrypted file with the public keys of all the machines in the network.

Therefore, as soon as a new machine is added to the network, the package must be recreated.

Is there another solution besides encrypting with the public keys of each machine?

Thank you.

Published: **March 18, 2022 - 8:29 PM**

Hello guestben321,

this is the correct method, but indeed WAPT lacks a wizard to make this operation less tedious. Using another method would compromise security.

With version 2.2 now released, one of the team's next objectives is to create wizards, and you've suggested one that's an excellent candidate.

Vincent

Published: **March 25, 2022 - 4:31 PM**

Hello guestben321,

if all machines need to be able to see the license key, it's better to protect the repository itself rather than the key within the package. It's possible to enable client certificate authentication on the nginx server so that only WAPT agents registered on the server can download packages.

Regards,

Denis

Published: **March 29, 2022 - 4:10 PM**

Hello,

thank you for your reply.

Indeed, securing the repository server directly, rather than the key, seems like a good approach.

Ideally, I would like only certain members of an Active Directory group to have access to this license key.

good day

Tranquil IT Forum

Use of sensitive data in a packet.

Use of sensitive data in a packet.

Re: Use of sensitive data in a packet.

Re: Use of sensitive data in a packet.

Re: Use of sensitive data in a packet.