I am making a licensing system when clients ask my server for a license and I send them a license if they are permitted to have one.
On my current system I encrypt the license using a single private key and have the public key embedded into the client application that they use to decrypt the license. It works!
Others have told me that I should be encrypting with the public key on the server and distributing the private key to clients. I have searched the web and can see that sometimes they use the private key to encrypt and other times they use the public key to encrypt.
In this case what am I supposed to do?
Others have told me that I should be encrypting with the public key on the server and distributing the private key to clients.
Those people are wrong. The name private key implies that it is private meaning that only you should have access to it.
In this case what am I supposed to do?
Use digital signatures. Sign the license file with your private key and use your public key in your application to verify that the signature on the license came from you.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With