Table_of_Contents
2.1 Enable SecureOffice Package Repository
3.1 Extending or Renewing Trial Licenses
3.3 Select and Install Premium Application
3.4 Diagnosing Licensing Failures
3.4.1 Configuration is Incomplete
3.4.2 Registered Domain Mismatch
3.4.3 Expired Trial License
3.4.4 Hardware or Domain Changed
3.4.5 Internet Connection Issues
3.4.6 License Server Down
3.4.7 License Service Not Running
3.5 Licensing Technical Overview
List of Figures
Figure 1: User Information Page
Figure 2: Manage Licenses Page
To install anything extra on basic (free) SecureOffice requires a small annual access fee for the premium SecureOffice package repository. This allows downloading additional packages and prerequisites for premium (including trial) applications.
SecureOffice provides two classes of applications, custom (requires repository access) and premium (requires license):
1.1 For Small Annual Access Fee
Custom packages, once the custom repository is enabled are installed the same as any other OpenWrt package (using opkg install). None of these packages are available for standard OpenWrt.
Instructions for using custom scripts are provided at the corresponding script page and under the "HowTo" menu.
Premium copy protected packages require individual licensing and access to the custom repository for dependencies. Free 30-day trial, annual and permanent licences are available.
Premium, licensed applications are installed using the licensing pages in the OpenWrt configuration GUI ("System -> Licensing").
The registered SecureOffice domain must be active. All authentication and license requests must come from the registered domain, else will be denied.
Become a registered user at this site (only once):
Follow instructions in the confirmation email to complete registration.
Enter your Paypal payment ID in the correct form and press "Save and Apply":
After purchasing custom repository access, the repository and user credentials must be configured. Instruction are in the next section.
Upon receipt of payment confirmation, the license administrator will update your Access / License status.
After purchasing access to the custom SecureOffice package / script repository, it must be enabled. From a command prompt:
No errors mean that credentials are correct and the license server administrator has updated your access. All premium packages / scripts are now available.
Errors may be caused by:
It is recommended (to maximize usage time) of trial licenses that, prior to installing any premium application, all application prerequisites, user preferences and information required for application configuration be reviewed and prepared to rapidly configure the application once it is installed. For trial and time limited licenses, the clock starts ticking once the application is first installed.
The purpose of trial licenses is to allow users to evaluate (try before buy) and, initially, to provide feedback / suggestions for quality control and user satisfaction purposes.
It is the preference of the SecureOffice team that nothing be sold until quality has been confirmed by users, in addition to the rigorous team testing already completed. Full 30 day support is available (from SecureOffice developers) in the forum and charitable users after, even for trial licenses. Further, most SecureOffice packages, once installed are standard and can be configured using online OpenWrt, etc articles for particular packages.
Users who are helpful with suggestions, feedback or bug reports regarding this website, SecureOffice or premium applications will be considered for time extensions of their trial licenses and, perhaps earn permanent licenses or discounts.
If it is determined that more user feedback is required, trial licenses may, without notice, be extended by the SecureOffice team for some, or all users.
A certain way to earn permanent licenses is to provide significant technical help, useful feedback in the following areas:
The above can be considered the development roadmap for SecureOffice. None of the above issues are "show stoppers". SecureOffice is ready for deployment NOW. The SecureOffice team has the expertise, but not the time required. If this is not achieved by user feedback and assistance, funding will be sought to put together a larger engineering / marketing team. Funding options being considered are bootstrap using sales revenue, kickstarter campaign or corporate sponsorship / partners.
Ultimately, a manufacturing partner will be sought to streamline and cost reduce the SecureOffice hardware. Turnkey systems requiring minimal configuration with pre-installed OS and premium applications, requiring minimal configuration will become available.
If you have ideas / proposals regarding building a larger SecureOffice team, or, if your organization already has the required resources, send a private message simply outlining your proposal / terms and resources available with reply email address. Email and / or phone discussions will follow.
TODO: create dedicated "partner" opportunities page.
It is required that you be a registered user at the support (this) site and have installed SecureOffice before being able to register as a SecureOffice user.
Using the OpenWrt GUI, navigate to "System->Licensing". You will see the "Registration" page (Figure 1, below) where user information must be entered. This information is required for all licensing including custom repository access and premium applications.
Users must enter the same email address and user ID as was used for registration at the support (this) site.
The "Password" is the password to be used for SecureOffice custom repository access. It must match the password in "Enable SecureOffice Package Repository" above.
Once user information is entered and registered with the license server, the "User ID" and "email" fields cannot be updated, without manual intervention by the license server administrator. Other information on this page, including password may be updated at any time.
The "Purchase Receipt ID#" field can be left blank for now. After access to the SecureOffice custom package repository is purchased, enter the receipt ID in this field.
Enter and verify your information, click "Save&Apply".
User registration information is included (encrypted) in each license issued and stored in a license server database for verification purposes.
Figure 1: User Information Page
Premium applications are managed (installed and removed) using the OpenWrt web GUI ("System->License->Manage Licenses"). The "License Management" page (Figure 2) will display.
Prior to installing anything, please review the links in the "Licensing Terms" section. Installing any application constitutes agreement to the applicable license terms.
A License help page is available to assist with this process.
Figure 2: Manage Licenses Page
License status and time remaining in application licenses can be checked at any time by pressing the application "Verify" button.
If, for any reason your license is corrupted or lost (such as by completely re-installing SecureOffice on the same hardware, then restoring from backup), pressing the "Install" button will replace your license (but, not extend license period).
The "Register" button serves multiple purposes, depending on licensing state.
The "Install" button serves multiple purposes, depending on the application install state:
The "Remove" button performs a backup of application configuration settings and completely uninstalls the application.
The "Verify" button is used to check application licensing status.
Pressing the "Delete" button uninstalls the application and removes it from the Luci web GUI. After done, press the "Save&Apply" button to save the configuration.
Applications can be installed / removed freely using the "Install" and "Remove" buttons. This will not affect the license or trial period. When an application is removed, all application configuration settings are saved and re-applied if the application is re-installed.
After removing an application, if you wish to re-install the application with default configuration (not restore from backup), using a command prompt, delete or rename the "/packages/<application-name>-backup.tar.gz" file, if it exists, prior to re-installing the application.
If, during normal operation, a licensed application fails to start, the first thing to do is to check the "License Status Log" using the OpenWrt GUI to access the application install page ("System->License->Manage Licenses") for error messages.
Possible reasons for licensing failure are outlined in the following sections.
If this message appears in the licensing log, it is an indication that either all mandatory fields have not been entered in the Identity configuration section ("System->License->Registration"), the SecureOffice domain has not been configured correctly, or DDNS is not working.
A message appears in the log:
"ERROR: License Failure: Your registered domain IP: <some IP address> does not match your IP: <some other IP address> for domain: <your domain>"
Your DNS domain IP address and the IP address that SecureOffice is attempting to verify licensing for are different. This means:
Keep retrying until the internet DNS servers acquire your updated IP address.
It is possible that the SecureOffice team may have extended the trial period for some or all licenses, in order to extend the test period for user feedback. Press the "Install" button to check for and install an updated license if it exists.
If this fails, you will have to provide compelling (Send a Private Message) reasons why your trial license period should be extended, contributions you have made and contributions you intend to make. If you have qualified as a beta tester by previous contributions and beta test is ongoing, your license will be extended. No response (within a week) to your request means: denied.
Successful license verification depends on matching the domain and hardware fingerprint of your installation taken during registration with the license server. If the domain or hardware has changed by replacing an ethernet interface (0, 1), WiFi or hard disk, a license failure will occur. An error message indicating this will be in the "License Status Log" visible at "System->License->Manage Licenses".
Updating licenses due to domain and / or hardware changes requires the following:
The above process is fully automated, but unanticipated problems may occur, requiring a Private Messsage and manual intervention by the license server admin.
At a SecureOffice command prompt: enter "ping yahoo.com" to verify connectivity. Fix any problems before proceeding.
At a SecureOffice command prompt: enter "ping [this site]" to verify connectivity. Fix any problems before proceeding.
A good place to start is the SecureOffice syslog. At a command prompt enter "logread" to see system status. If there is too much information that scrolls off the screen, enter "logread > /tmp/syslog; nano /tmp/syslog" to inspect the log, looking for network related problems.
The following should be checked:
If all else fails, search the internet for "OpenWrt network troubleshooting".
The license server, this website and repositories are running in a SME-Server virtual machine under SecureOffice, for real world testing. There are currently upload bandwidth limitations due to ISP. Eventually this site will be moved to a faster internet connection. As in all new products, there may be minor issues.
To verify if this is the case, check the "License Status Log" (System->License->Manage Licenses) and enter "ping [this site]" at a command prompt.
Ping failure response, assuming your internet connection is OK means that the license server (and this website) is down (power or internet failure) and you will have to try again later.
Ping success means that the license server machine is up, but the license server is not. Wait until service is restored.
Long term, for reliability, the license server will be watchdogged and either moved into the cloud, immune to power and internet failures, or at least have a UPS (Uninterruptable Power System).
Ultimately, the license server, repositories and this website will be moved to cloud servers. For now, until load exceeded, SecureOffice services will continue to be run locally using ISP connection.
Application license verification requires the license service to be running on SecureOffice.
To check if the service is running, enter "ps -Af | grep vtdaemon". If the service is running, the response will contain "vtdaemon -f".
If the license service is running, it may have issues, requiring it to be restarted. From a command prompt, enter "/etc/init.d/vtdaemon restart" and attempt to start the failing application again.
If the license service is not running, it may have become disabled by misconfiguration. From a command prompt, enter "/etc/init.d/vtdaemon enable; /etc/init.d/vtdaemon restart" and verify that it is running by entering "ps -Af | grep vtdaemon". If it is still not running, check the logs (logread and License Status Log) for clues and fix any problems reported. If stuck, post in the forum with detailed information for assistance. The theoretical "problem" of unable to start the license service has never been observed during development and test. Any reports of this will get very high support priority.
If the license server is running, attempt to restart the application.
To restart SecurePBX: enter "/etc/init.d/freeswitch stop; /etc/init.d/freeswitch start" at a command prompt.
To restart VmWare WorkStation: enter "/etc/vmachines stop; /etc/vmachines start" at a command prompt.
To restart docker and containers, enter "/etc/init.d/docker stop; /etc/init.d/dockerd stop; /etc/init.d/dockerd start; /etc/init.d/docker/start" at a command prompt. Docker startup and error messages can be observed by entering "logread -f | grep docker"
If a premium application fails to start or misbehaves and there are no licensing issues, consult the Troubleshooting section for the application.
SecureOffice licensing uses a custom Linux loader, public key cryptography, kernel space decryption and a license daemon securely communicating with a license server in the cloud.
It is intended to make the SecurePBX licensing available as IP, since nobody else (that developers are aware of) apart from Wibu Systems has done kernel level, custom Linux loader, public key copy protection for Linux. Wibu copy protection is "proof of concept" for Raspberry Pi, requiring an expensive dongle and no cloud licensing (may have changed).
TODO: write full article with pretty pictures regarding copy protection IP, link here.
|
Technologies Used: