Environment Configuration

Make sure to review the Scope page of this document before proceeding with the Setup instructions below!

Server Installation

Follow the Linux or Windows installation instructions to install Telos Alliance License Server on a host.

When deploying Telos Alliance License Server, it is always recommended to decouple the License Server from the host running Telos applications. In other words, install and run the License Server on a separate, centralized Server or VM from the applications it is licensing. This follows best practices, and ensures greater resiliency.

Configuration

The On-Prem License Server configuration is stored in a config.json file. This config file is stored in the following locations:

Linux:

/opt/telos/.license-server

Windows:

C:\ProgramData\Telos\LicenseServer

The config.json contains the parameters shown below. Of course, the example values displayed will be different on your system:

{
  "LicensesFolder": ".",
  "LogsFolder": "./logs",
  "ServiceAddress": "0.0.0.0:42131",
  "HttpServerAddress": "0.0.0.0:8080",
  "BackupServerAddress": "127.0.0.1:42131",
  "SyslogServerAddress": "udp://127.0.0.1:514",
  "ConfirmationCode": "123456",
}

NOTE: You may use forward slashes in paths even on Windows. Since the backslash character ('\') is uses as the escape sequence prefix in JSON, you would have to double it up in paths that use the backslash (e.g., "c:\\license-server").

LicensesFolder

Specifies the folder where the server will look for key9 license files (with a .key9 extension).

LogsFolder

This is the location where the logs will be written. By default, the server will store 30 days of logs.

ServiceAddress

The IP address and port where to listen for product license requests. An IP address of 0.0.0.0 means that the server will accept requests on any interface. If you wish to only accept requests on one interface then specify its IP address under the ServiceAddress property. The default port is 42131. Do not change this value unless you have been instructed to do so by Telos Alliance.

NOTE: The licensing system uses an encrypted TCP connection between the products and the license server at the service address. The products send UDP messages to the same service address to report their license status. The same UDP port is used by the license server to monitor the license state of another server. For these reasons, both the TCP and UDP ports at the service address must be reachable and accessible.

HttpServerAddress

This is the IPv4 address where the HTTP management server will accept requests. 0.0.0.0:8080 is the default configuration so that the HTTP management server is accessible on any interface at port 8080. You can change this from 0.0.0.0:<port> to any IP address or port of your choosing. For example, If you enable this on localhost only (127.0.0.1:<port>), then you'll only be able to access the web UI from the same computer.  Please be mindful of any cybersecurity concerns when assigning the IP and port to the HTTP server.

ConfirmationCode

This applicable to products that are using Telos Alliance ID for login. The ConfirmationCode value is the value that a user will need to enter when prompted for the login validation code. You may change this value to something other than "123456". If you change it, please use a 6-digit numeric string.

BackupServerAddress

If you're using primary and backup license servers, you may specify the service address of the other license server here to let each server monitor the licenses installed on the other server. Note that this enables a passive monitoring option; no licenses are used or transferred. Each server checks that the other server has the same licenses and will generate an error if this is not the case. You will also get a warning if the other server fails to respond to queries, allowing you to detect network issues, or computer crashes, etc.

NOTE 1: You must use the full address of the other license server in this field, including the port number. For example, if the other license server is deployed with IP address of 10.0.1.14, you would enter 10.0.1.14:42131 in the BackupServerAddress field.

NOTE 2: In v1.1.5, you must restart the license server after changes to the BackupServerAddress field before the change will take effect.

SyslogServerAddress

You may specify the address of a syslog server used to monitor the license server; the license server will then send log messages to the syslog server, in addition to logging them to log files. Configure your syslog server to notify you in case of errors or warnings. See the Messages section below for details on the messages that you may see in the logs.

NOTE 1: You must use the address and port of the syslog server. Using the address without specifying the port will not work. You may also specify a transport prefix: udp:// for UDP or tcp:// for TCP. If the transport prefix is not specified, it will default to UDP.

NOTE 2: In v1.1.5, you must restart the license server after changes to the SyslogServerAddress field before the change will take effect.