Mutual TLS between client app and license server in remote verification

Question

Mutual TLS between client app and license server in remote verification

furkansenharputlu opened this issue 4 years ago · comments

Furkan Senharputlu commented 4 years ago

Niels Hofmans · Answer 1 · Wed Mar 18 2020 15:36:51 GMT+0800 (China Standard Time)

Might be better to just use certificate pinning if every client is going to embed the same cert/key.
But if every client has a separate cert/key, you have a replacement license key.
e.g. generate the cert/key using PBKDF from the license key ciphertext.