[CLOSED] License Key Encrypted

[CPA1158139]

Can this KEY be encrypted in web.config ? How to decrypt and call?
Or, can this KEY be written directly in the program without putting it in web.config ? How to call?


Thanks

[fabricio.murta]

Hello @CPA1158139!

The key can't be encrypted in Web.config and there's no hardcoding of the key in the built DLL. The key is not necessary in the development environment's Web.config, only on production hosting, similarly to the database connection credentials (connection string) should be present in Web.config.

Even if the key was cryptable, how useful would that be? Copypasting the key will work no matter how strong and complex the cryptography is. If the key was hardcoded, simply by copying the DLL will carry the key either. So, general rule of thumb is, leave the key only on production server and trustworthy (and/or contract-signed) people with access to the production server and key.

Again, the development computer does not need a key to run. When running an Ext.NET website from Visual Studio (either with debugging enabled or disabled), the pages should not ask for the license key.

Hope this helps!

[geoffrey.mcgill]

There are two ways to set the License Key within your application:

Option 1:

Application wide within the Application_Start Event of your projects Global.asax file.

Example

void Application_Start(object sender EventArgs e) 
{{
    this.Application["Ext.Net.LicenseKey"] = "Your-License-Key-Here";
}}

Option 2:

Application wide by adding to the Web.config file.

Example

<?xml version="1.0"?>
<configuration>
    <configSections>
        <!-- Add "extnet" configuration section to Web.config -->
        <section name="extnet" type="Ext.Net.GlobalConfig" requirePermission="false" />
    </configSections>

    <!-- Add "licenseKey" config -->
    <extnet licenseKey="Your-License-Key-Here" />
</configuration>

[CPA1158139]

Thank you for your answer.It basic use I know, is to ask the way of encryption. We still want to be able to have the method to encrypt the key that we own because it is made by paying for it.I want to protect what I buy. After the deployment on production server, we also used only for the release of the program, and then can not be arbitrarily applied to other things.Some people with access to the production server may not always be trustworthy. He easily got the key, will no longer buy, even to profit.Can provide a way to decide whether we need to do encryption?

[geoffrey.mcgill]

Are you re-distributing the source code for your Application?

If no, then put the license key in the Global.asax.cs and add a term to your End User License Agreement preventing decompilation of the Assembly.

[CPA1158139]

Ok.Thanks a lot.Pls close