The Sentinel EMS Administration Console is a graphical, web-based tool that you can use to configure and manage various properties of the Sentinel EMS Server. The Administration account used to access the Sentinel EMS Administration Console is different from the Sentinel EMS admin account, even though both accounts have the same user name. When you change the password for one of these accounts, the password for the other account is not affected.
To open the Administration Console:
1.Do one of the following:
•Navigate to the following URL: http://<host name>:<port>/emsConfig
where <host name> and <port> stand for the Host name and port of the Sentinel EMS Server.
•In the Sentinel EMS portal, click Administration > Administration Console.
•(In the Sentinel EMS Server machine) From the Start menu, select Programs > Gemalto Sentinel > Sentinel EMS > EMS Administration Console.
2.In the login screen, enter the user name admin and password admin. This password may be different if you have previously changed it.
You can modify the Administrator Console settings, as needed. Changes take effect immediately after saving.
This section includes:
The settings in this section are read-only. For details on modifying these settings, see Updating Database Connection Details.
These settings specify the outgoing e-mail exchange server (SMTP) and other e-mail properties.
|SMTP Host||IP address of the e-mail exchange server.|
|User Name||User name for sending e-mail from an authenticated e-mail server.|
|Password||Password corresponding to the User Name.|
|Sender Name||Sends all e-mails from this sender.|
Sends all e-mails from this address.
Enables transport layer security (TLS).
NOTE TLS encrypts data, such as your user name and password, so that the data is secure and private. With mail delivery, TLS begins with an unsecured connection to the mail servers, and then upgrades to a secure connection once information is sent.
Authenticates the user using the provided user name and password.
|E-mail Master Footer||
Contains the copyright information appended to the bottom of each mail.
Default string: © Thales Group 2020. All rights reserved.
|Notification E-mail From||Sends all notifications from this address.|
|Reports E-mail From||Sends all scheduled reports from this address.|
|CC||Sends carbon copies of the Entitlement certificate e-mails to this address.|
|BCC||Sends blind carbon copies of the Entitlement certificate e-mails to this address.|
|E-mail From:||Sends the Entitlement certificate e-mail from this address.|
Specifies whether to send an e-mail when the entitlement is produced.
NOTE Use a semicolon (;) to separate e-mail addresses in the CC and BCC fields.
|CC||Sends carbon copies of the license certificate e-mails to this address.|
|BCC||Sends blind carbon copies of the license certificate e-mails to this address.|
|E-mail From||Sends the license certificate e-mail from this address.|
Specifies whether to send an e-mail when the license is generated.
NOTE If you want an e-mail to be sent, make sure to configure the SMTP settings, as described in Outgoing E-mail Server Settings.
NOTE Use a semicolon (;) to separate e-mail addresses in the CC and BCC fields.
|CC||Sends carbon copies of the contact certificate e-mails to this address.|
|BCC||Sends blind carbon copies of the contact certificate e-mails to this address.|
|E-mail From||Sends the contact certificate e-mail from this address.|
Specifies whether to send an e-mail when an end-user is registered.
NOTE Use a semicolon (;) to separate e-mail addresses in the CC and BCC fields.
The following properties appended the end of all e-mails sent by Sentinel EMS.
|Support Team Name||
Support team name.
|Phone||Support contact number.|
Support e-mail ID.
|License File Upload Size||
The maximum allowed size of the license (V2C) file.
Enables or disables support for the cloud licensing model, which provides a simple mechanism for distributing and managing licenses via the Internet or company network for online and offline consumption. For details, see the sections on cloud licensing in the Sentinel LDK Software Protection and Licensing Guide.
>Define Per Product (Future). Default. Leaves all products "as is" without the ability to enable or disable cloud licensing.
>Enable For All Products. Enables cloud licensing support for all products. Requires Sentinel Run-time Environment (RTE) 8.11 or later on the license server machine and the Cloud Licensing module on the Master key.
>Disable For All Products. Prevents cloud licensing support for all products. Requires Sentinel Run-time Environment (RTE) 8.11 or later on the license server machine and the Cloud Licensing module on the Master key.
|Generate Readable License||
The generated license file contains the license information as readable text.
|Fallback to V-Clock||
If selected, entitlements for (driverless) Sentinel HL Time or NetTime keys configure the key to switch automatically to V-Clock (virtual clock) if the battery for the real-time clock is depleted. If the real-time clock stops operating, protected applications, including those with time-based licenses, continue to run.
If not selected, entitlements for (driverless) Sentinel HL Time or NetTime driverless keys do not switch to V-Clock if the real-time clock stops operating or the clock battery is depleted. Therefore, protected applications, including those with time-based licenses, will become unresponsive.
NOTE After the real-time clock stops working, you must disconnect and reconnect the Sentinel HL keys to switch to the V-Clock. This switchover cannot be rolled back. Clearing the Fallback to V-Clock check box after the switchover does not affect the V-Clock, which will continue to run.
The settings in this section are read-only. For details on modifying these settings, see Configuring SSL and Port.
|EMS URL(s) for Rebranded RTE||
The URL used by the Run-Time Environment (RTE) to communicate with the Sentinel EMS Service on the user's machine.
The URL specified in this field is automatically included in the RTE installer that the user downloads from EMS or that which is included in the bundled RTE installer generated by EMS. The URL is automatically inserted in the EMS URL field on the Admin Control Center for the RTE.
Enter the URL in this field and click Save.
Load Balancers: If you are using load balancing, you can specify multiple URLs (separated by commas). The format for each URL is: "http://_address_:8080" where address is the IP address or machine name of the machine where Sentinel EMS Service is running.
NOTE Do not use URLs with localized characters, as this may cause unexpected results in applications on operating systems that cannot handle localized characters.
|Max Records per Page (Web Services)||
Maximum number of entries that can be returned by Web service calls for Products, Entitlements, and Customers.
To return an unlimited number of entries, set this value to 0.
|Default File Upload Size||
The maximum size in MB for file uploads.
|Dashboard ISV Refresh Frequency||
The publisher home page refresh frequency.
|Max Concurrent Requests per URL||
Maximum number of concurrent requests allowed from a particular IP to a particular URL.
|Show Auto-created Feature, Product and Entitlement||
This option allows you to also display Features, Products, and Entitlements that are automatically created through the check-in of C2V files or data migration in the Sentinel EMS portal.
|Exclude All Optional Features||
Specifies if the Exclude All check box is selected by default in the Product Details area when creating or editing an entitlement in the Sentinel EMS portal.
The Exclude All Optional Features and Display Optional Features as Includable Instead of Excludable check boxes work in tandem to affect the options displayed in the Sentinel EMS portal.
If you select the Display Optional Features as Includable Instead of Excludable check box, the Include All check box is displayed instead of the Exclude All check box in the Product Details area when creating or editing an entitlement in the Sentinel EMS portal.
The functionality of Exclude All Optional Features remains the same regardless of the options displayed in the Sentinel EMS portal.
This means that if you select this check box, and the Exclude All check box is displayed in the Sentinel EMS portal, the Exclude All check box will be selected by default. Conversely, if you select this check box, and the Include All check box is displayed in the Sentinel EMS portal, the Include All check box will not be selected by default.
The following table illustrates the interaction between these options:
The Exclude All (or Include All) check box is located in the Product Details area of the Create Entitlement or Edit Entitlement screen.
|Display Optional Features as Includable Instead of Excludable||
When creating an entitlement in the Sentinel EMS portal, replaces the exclude-related display options with include in the Product Details area.
This is useful if you or others prefer to think in terms of inclusion instead of exclusion.
The Display Optional Features as Includable Instead of Excludable and Exclude All Optional Features check boxes work in tandem to affect the options displayed in the Sentinel EMS portal. For more details, see Exclude All Optional Features.
|Default Locale Code||
The default locale for the Sentinel EMS portal.
|Start Feature Identifier||
Specifies the number to start the auto-generated Feature ID in the Sentinel EMS portal.
NOTE For each new Feature, Sentinel EMS generates a unique Feature ID in the Feature ID field. You can also assign your own numeric identifier to the Feature.
For example, if you enter 1001 in this field, the next new Feature will have the Feature ID 1001, by default. Subsequent Features will have incremental values, for example, 1002, 1003, ....
If needed, you can assign a specific numeric identifier to a new Feature by specifying any value (less than or equal to this number). Make sure to verify that the number is available.
|Allow adding Products from State||
Specifies whether to add an Add Products From State button (in addition to the Add Products button) in the Product Details pane when creating an Entitlement .
You can use this button to add Product details from a C2V file or Key ID to an Entitlement.
|Client Polling Frequency (Web Services)||
Passes the specified value to the protected applications that call the Fetch Pending Updates (V2C) using the C2V web service. You can write a routine in each application that uses this value to set the polling frequency for calling the web service and checking for updates.
|User Session Timeout||The amount of time in minutes before the user session|
|URL for Embedded Sentinel EMS Customer Portal (iFrame)||
Specifies the URL to use if you insert an iFrame on your website that contains the Sentinel EMS Customer Portal. This enables your end users to access the Sentinel EMS Customer Portal in your website.
NOTE You can also access Sentinel EMS and the Administration Console from this iFrame, if needed.
|Enforce SL-UserMode format v2.0||
Improves the security level of SL-UserMode keys.
NOTE Clear this check box if you are working with V2C files that were generated using Sentinel LDK versions prior to 7.0. This disables the security enhancements of SL-UserMode and maintains compatibility.
SL-Admin keys for detached licenses
Prevents end users from applying a V2C file that formats a Sentinel SL key when the Product is detached from the key. This prevents users from taking advantage of a planned format action to detach and continue working with a Product license that should have been returned to the vendor.
Relevant for both SL AdminMode and SL Legacy keys.
NOTE Does not affect SL-Legacy keys when Enable SL Legacy Support is selected.
|Enable SL-Legacy Support||
After migration from BSS to EMS, enables you to send SL Legacy updates to your existing SL legacy key customers. These customers do not need to update the RTE to support certificate licenses.
|Upgrade to Latest RTE||
When selected, displays a message instructing users to upgrade the RTE to the latest version if the user's machine has an older version of Run-Time Installer (RTE) installed. This occurs only on Sentinel EMS pages that run applets, for example Check-in C2V, Check-in Key, Burn Key.
Minimum RTE/API Version
(Replaces Default Clone Protection Version in Sentinel EMS 7.10 and earlier)
Sets the following:
>The minimum version of the Sentinel LDK Run-Time Environment (RTE) and/or Licensing API libraries used to protect and run your application.
Sentinel LDK Run-Time Environment (RTE) is required for certain protection keys and certain run-time scenarios. For details, see the section on situations that require Sentinel LDK Run-Time Environment (RTE) in Sentinel LDK Software Protection and Licensing Guide.
We recommend upgrading both of these to the latest version when possible.
>The Sentinel LDK Run-Time Environment (RTE) to use when Platform Default clone protection is selected for a product.
Relevant only for the SL Locking type.
The Platform Default option instructs the system to use one of the pre-defined clone protection schemes to protect your physical and virtual machines. These schemes are continuously enhanced and new schemes are added from time to time.
Which value should I select?
Select the highest value that covers all licensed products in your customer base to ensure the best coverage for all. If you always provide the latest RTE and latest License Manager to your customers, select the latest version.
Alternatively, if one of your customers is using Sentinel LDK Run-Time Environment (RTE) 7.50, and the rest of your customers are using Sentinel LDK Run-Time Environment (RTE) 7.90, select 7.50 as this is the highest common version among your customers. Similarly, if the earliest Sentinel LDK License Manager used by one of your customers for SL UserMode keys is from Sentinel LDK 7.4, select 6.40.
For details on supporting protected applications in Docker containers, see the Sentinel LDK Software Protection and Licensing Guide.
NOTE In addition to Platform Default, Sentinel EMS lets you choose from pre-defined and custom clone protection schemes. For details, see the section on creating products in the Sentinel LDK—EMS User Guide.
By default, the generated V2C file name is same as the Key ID of the corresponding Entitlement. However, you can change the naming pattern of the V2C file. You can choose the V2C file name to contain either of the following parameter values or a combination of these.
|Option||V2C File Name||Characters Used for File Name|
|Key ID||<Key ID>.v2c||All characters are used|
|Ref ID 1||<RefID1>.v2c||First 85 characters are used|
|Ref ID 2||<RefID2>.v2c||First 85 characters are used|
|EID||<EID>.v2c||All characters are used|
|Customer Name||<Customer Name>.v2c||First 30 characters are used|
If you select multiple options:
- The V2C file name will contain the parameters separated by hyphen (-).
- The parameters in the file name appear in the order - EID, Key ID, Ref ID 1, Ref ID 2, Customer Name.
- Spaces or special characters that are not allowed in the file name are replaced by an underscore (_). This change is dictated by your web browser.
- If you choose one or more parameters from Ref ID 1, Ref ID 2, and Customer Name, there are chances that two C2V file names may become identical. In such scenarios, Key ID is prefixed to the name.
- The rule for number of characters taken for each parameter remains same as mentioned in the previous table.
- Some browsers may truncate the file name if it exceeds a certain number. Firefox uses the first 215 characters of the resulting name. Chrome uses the first 213 characters of the resulting name. Internet Explorer uses the last 152 characters of the name.
Following are some examples:
|Combination Examples||V2C File Name||Number of Characters|
|EID + Key ID + Ref ID 1||<EID>-<Key ID>-<Ref ID 1>.v2c||
All characters of EID + 1 (for hyphen) + All characters of Key ID + 1 (for hyphen) + First 85 characters of Ref ID 1
|Key ID + Ref ID 1 + Ref ID 2||<Key ID>-<Ref ID 1>-<Ref ID 2>.v2c||
All characters of Key ID + 1 (for hyphen) + First 85 characters of Ref ID 1 + 1 (for hyphen) + First 85 characters of Ref ID 2
|Key ID + Ref ID 1 + Ref ID 2 + Customer Name||<Key ID>-<Ref ID 1>-<Ref ID 2>-<Customer Name>.v2c||
All characters of Key ID + 1 (for hyphen) + First 85 characters of Ref ID 1 + 1 (for hyphen) + First 85 characters of Ref ID 2 + 1 (for hyphen) + First 30 characters of Customer Name
|Key ID + Customer Name||<Key ID>-<Customer Name>.v2c||
All characters of Key ID + 1 (for hyphen) + First 30 characters of Customer Name
|Ref ID 1 + Ref ID 2 + Customer Name||<Ref ID 1>-<Ref ID 2>-<Customer Name>.v2c||
First 85 characters of Ref ID 1 + 1 (for hyphen) + First 85 characters of Ref ID 2
The following action buttons are available at the bottom of the page.
|Sync Data For Channel Partner Module||When this button is clicked, EMS scans the database to link channel partners with their respective customers for all entitlements (irrespective of the state). For more information, see Troubleshooting.|
Generate/Update Lucene Search Index
|Data that is migrated into Sentinel EMS using the data migration tool is not picked by Lucene search utility by default. This feature helps you to index the data so that next time you run a Lucene search, the data is automatically captured.|
|Test Email||Send test e-mails to specified e-mail address. This works only if the SMTP details are provided and are valid.|
|Test SMTP||Verify that the SMTP server details provided are correct.|
|Save||Save the data and regenerate the rebranded RTE.|
The Administration Console does not provide options to edit the subject line for these e-mail certificates because of localization issues. You can configure the subject line values manually in the messages*.properties file for the required language. For example, for English, you would edit the following file:
The following table lists the properties available for configuring subject lines:
|Subject line for||Property||Default Value|
|Entitlement certificate e-mail||entCertEmailSubject||EMS - Entitlement Certificate|
|License certificate e-mail||licCertEmailSubject||EMS - License Certificate|
|Contact certificate e-mail||contCertEmailSubject||EMS - User Registration|