Search
Close this search box.
Try RLM for Free
Search
Close this search box.

Reprise Blog

Reprise Software Blog – Your Hub for Licensing Solutions Insights
Stay informed about our products including Reprise License Manager (RLM), RLM Cloud, and Activation Pro. 

 

Learn from our customer success stories, understand the intricacies of different licensing models, and keep up with our ongoing service upgrades.

Using SSL Certificates (HTTPS) with RLM

  • By Rachel Garcia
  • June 28, 2023

Using SSL Certificates HTTPS with RLM

Overview

Starting with RLM version 15.1, License Administrators are now able to run the RLM web server with SSL certificates. When setup to use SSL certificates RLM’s web server will run with the HTTPS protocol.

 

RLM does not come with pre-configured SSL certificates. You will either need to procure your own certificates from a Certificate Authority (CA) or generate your own self-signed certificates.

 

Implementation

You can instruct RLM to use HTTPS during startup with the command parameters “-sslcert” and “-sslpriv”. For example:

rlm -sslcert /path/to/cert.pem -sslpriv /path/to/privkey.pem

 

Please note that certificate files cannot be used if they are password protected.

When launched with SSL certificates, RLM will automatically switch from listening for http requests to https requests. You will need to navigate to RLM using https:// in your URL, in v15.1 RLM will not automatically update HTTP requests to HTTPS requests. Alternatively, you can bind the RLM web administration port to port 443 (using the –ws flag during service installation), and your browser will automatically make an HTTPS call to the server’s URL.

 

Please note that running on any port below 1024 will require RLM to be run by an administrator.

 

FAQ

 

What Are SSL Certificates?

SSL certificates are a mechanism for your web browser to verify the identity of a web server, to make sure that the traffic is coming from a known source and not a malicious third party. The web server will present to your browser information signed by the server’s private key, which the web browser will then verify using the public key on the website. The server and the browser will then agree upon a traffic encryption method, the initial identity verification is what the SSL certificates are used for.

 

How does a browser know to trust an SSL certificate?

SSL public keys can be signed by a Certificate Authority (CA) to create a certificate hierarchy for an SSL certificate. Operating Systems (OS) and Web Browsers contain a built-in library of “root certificates” created by CAs that are known to be trusted. Your OS or browser will then review a website’s certificate hierarchy until it finds a root certificate that is trusted.

 

You can view this certificate hierarchy in most web browsers. For Google Chrome you can click on the padlock symbol in the address bar -> Connection is secure -> Certificate is valid -> Details

 

How does a browser know to trust an SSL certificate?

 

How do I get an SSL Certificate?

There are many ways to create or procure SSL certificates for your web site. A few options are listed here:

 

Purchase

You can purchase SSL certificates from certificate providers. These certificates are usually sold in units of years (a 1-year certificate, a 5-year certificate, etc.), with longer certificates usually costing more. These companies will require you to verify your identity in some way.

 

In general, purchased certificates are trusted more by OS and browsers.

 

Free Services

Free services such as Let’s Encrypt will provide SSL certificates for you. These services usually require you to verify ownership of both your domain name and the server, ex: making modifications to your domain’s DNS. These certificates are usually issued for a few months at a time, meaning you’ll either have to manually renew frequently, or automate the process.

 

In general, free certificates are trusted by most OS and browsers. Older computers or locked down systems may reject these certificates.

 

Create your own

You can create/generate your own SSL certificates. These certificates will not be signed by a CA and so most web browsers will display a warning message to your users.

web browsers will display a warning message to your users

In general, self-created certificates (sometimes called self-signed certificates) are not trusted by OS or browsers. You can add your own certificate to your devices’ certificate store, but other devices connecting to your server will not have the certificate and display a warning message.

 

Some organizations have internal CAs where a certificate can be added for all devices belonging to that organization.

 

I am unable to connect to the Web Server after implementing SSL certificates?

Make sure you’re connecting to your RLM server via HTTPS, as HTTP requests will not be redirected automatically. Your URL should look like:

  • https://hostname:[port-number] or
  • https://ip-address:[port-number]

 

When using 443 for the web administration port, no port is needed on the URL.

 

My browser says the site is insecure.

Most likely this is because you are using a self-signed certificate that isn’t trusted by your OS or browser. It’s also possible that your certificate has expired, or you are accessing the site before the start date in the certificate.

 

Other Posts

New RLM Release (v15.2)

We are excited to announce the release of RLM v15.2! Version 15.2 adds new platform support and fixes a number of bugs. We have also introduced a new online documentation platform on our website.   Added platform support ensures your customers can run RLM on

Learn more

Floating License Timeouts

Overview RLM server administrators can configure a floating license timeout if a client computer has not returned the license, and if RLM is no longer able to check the license status on the client computer. This means that a Timeout will not return a license

Learn more

RLM Maintenance Release (v15.1BL2) 

We have released a maintenance update to RLM v15.1BL2. This release primarily addresses a critical security vulnerability in the Mongoose web server.   If you have already updated to v15.1, we strongly recommend updating to v15.1BL2.   In addition to addressing this vulnerability we have

Learn more

New RLM Release (v15.1)

We are excited to announce the release of RLM v15.1, which provides a number of security enhancements, simplifies service installation, and fixes multiple bugs.   Significant improvements, such as the introduction of the Mongoose web server make RLM more secure, while also simplifying installation for

Learn more

The Power of Metered Licensing

Did you know that besides offering node-locked, networked, and named-user licensing, RLM can provide metered licensing options?   CPFD Software is a trailblazer in computational particle fluid dynamics. Organizations around the world use their Barracuda Virtual Reactor software to solve complicated engineering and technology problems.

Learn more
Man types on keyboard to update his software

New RLM Release (v15.0)

We are happy to announce the first production release of RLM v15.0. It fixes multiple bugs, improves workflows, and adds functionality.   After working tirelessly for months to improve our software, we know this RLM release will make license management easier and more streamlined for

Learn more
badge-winner of spring 2022 sourceforge award

Reprise License Manager Wins the SourceForge Spring 2022 Leader Award

Reprise License Manager (RLM), which won the Spring Leader Award from SourceForge in March 2021, has been named a winner in Spring 2022.   SourceForge is the world’s largest software and services review and comparison website. This award recognizes exceptional companies and products.   The

Learn more
See All

RLM and RLM
Activation Pro

What’s the difference?

Reprise License Manager (RLM)

Software License Manager

RLM provides runtime checking that verifies that your application is licensed to run and that the current usage of your application is within the limits you have ser every time your application runs.

As a Software publisher, you integrate RLM into your product, and RLM keeps track at runtime of who is using the licenses of your software.

RLM can do this entirely within the client library (linked into your application), or, more commonly, your application makes a request of the RLM Lincese Server to check out a license.

The lincese server runs either on your customers network, or in the cloud if you are using our RLMCloud™ service.

RLM provides runtime checking that verifies that your application is licensed to run and that the current usage of your application is within the limits you have ser every time your application runs.

RLM Activation Pro

Software Activation Manager

Activation Pro is
used once when your customer purchases your software in order to retrieve the license which is specific to that customer.

Software Activation’s purpose in life is to get the licenses for your product to your customers with a minimum of fuss.

Activation Pro also has a server component wich we call the activation server.

Your application contacts the activation server and supplies a short text activation key, and in exchange, the activation server returns the license which enables your product.

Generally, this is done once, right after your customer purchases your software, not every time your software is invoked.