HomeDocumentationAPI Reference
Log In
These docs are for v17. Click to read the latest docs for v33.

License Management

Suggest Edits

This section describes the supported licensing methods, and license deactivation.

Ensure that you have a valid PrivX license code for taking PrivX into use. For license-subscription-related enquiries, please contact SSH Communications Security at [email protected]. For license issues, please contact SSH Licensing team [email protected].

Online License

Online licensing is the recommended way to license PrivX. This method is easy to set up, and after setup the license is automatically updated according to your subscription.

For online licensing to work, your PrivX servers must be able to connect to the licensing server, for the following operations:

  • Initial license activation: PrivX contacts license servers to fetch your license.
  • License refresh: PrivX contacts license servers to automatically fetch your new license.
  • License deactivation: PrivX contacts license servers to deactivate your license.

For online licensing, PrivX servers must be able to connect to license servers. License-server addresses are described under Network Requirements in Preparing for Deployment.

📘

Note

Note that if PrivX servers do not have access to the license servers when their license expires, the license will enter the grace period mode and expire after the grace period ends.

To activate a PrivX online license:

  1. Access the PrivX GUI and navigate to the Administration→License.

  2. Under the License code section, enter your license code, and click Update License.

In online licensing mode, PrivX checks for license updates every 6 or 12 hours and automatically applies any new changes found for your subscription. To trigger an immediate license refresh, click menu to the Last refreshed section, then click Refresh.

Using Online License Through HTTPS Proxy

If PrivX has no internet access, you can set up an HTTPS proxy for enabling connectivity to license servers. To enable a license proxy, perform the following:

  1. Set up an HTTPS proxy that forwards traffic to the license server.

  2. On all your PrivX servers, enable the license proxy:

    1. Edit /opt/privx/scripts/local-env. Specify the proxy address with the https_proxy setting, with the following syntax (replace proxy.example.com and 8443 with your proxy address and port respectively):

      https_proxy=proxy.example.com:8443

    2. Restart PrivX services to apply the changes.

      systemctl restart privx

Deactivating Online License

PrivX licenses can be activated only a limited number of times. To free up activations you must first deactivate a license. This is important when moving PrivX installation from a host to another. Deactivating online license requires access to the license servers from PrivX deployments.

To deactivate a PrivX license, go to the Administration→License. Next to Status, click menu, then click Deactivate.

Converting From Online License to Offline License

To change from online license to offline license.

  1. Deactivate the current license using PrivX GUI.
  2. Copy the offline license file to the license path to every PrivX server.
  3. Restart license-manager service on every PrivX server.

Offline License

Offline licensing is an optional licensing method for PrivX deployments which are completely unable to access licensing servers. The offline license is file-based and requires more manual actions for setup and maintenance. Offline licenses can be requested from the SSH Licensing team [email protected].

To install/refresh file-based an offline license:

  1. Copy the file to PrivX server, under the file-license path. The path is configured on /opt/privx/etc/license-config.toml, default /opt/privx/license/privx.lic.

  2. Restart license-manager service

To deactivate the file-based offline license, remove the license file from the path and restart license-manager service.

In case of offline High-Availability deployment, all of the PrivX instances requires the license file to be in place.

The offline license file is not part of the backups and won't be restored in case a backup is restored.

Converting From Offline License to Online License

To change from an offline license to an online license:

  1. On all PrivX servers, remove the offline license file from the license path.

  2. Restart the license-manager service.

    systemctl restart license-manager

  3. Insert the online license code via the PrivX GUI.

Converting to New License Format

If your initial PrivX deployment was set up before version 16.0, you may be using the old license format. For upgrade compatibility with future releases, ensure that you are using the new license format.

New licenses are in UUID format: f9ef3d6f-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Old licenses are purely numbers: 4961xxxxxxxxxxxxxx

To convert to new license format:

  1. Get a new license code from the SSH Licensing team at [email protected].

  2. Ensure your PrivX servers can connect to the new licensing server at https://privx.license.privx.io.

  3. From the PrivX GUI Settings→License page, deactivate the old license. Your PrivX deployment should now be unlicensed.

  4. On all PrivX servers, restart the license-manager service.

    # systemctl restart license-manager

  5. On the Settings→License page, insert the new license code to PrivX. Your PrivX deployment should now be licensed with the new license.

Updated about 3 years ago