Skip to main content

Work with rl-secure licenses

The rl-secure license is a file generated by ReversingLabs for the purpose of controlling rl-secure usage.

To work with rl-secure, you must have a valid and activated rl-secure license. Two types of licenses exist:

  • Single machine license, intended for individual users. It's tied to the automatically generated serial number on the local machine. Because of this, it's ideal for everyday rl-secure usage on typical workstations.
  • Site-wide deployment license, intended for CI/CD and ephemeral deployments. It is tied to a site-wide key that allows you to install rl-secure on multiple systems with the same license.

You should request the most appropriate license for your use case from ReversingLabs during the initial rl-secure setup.

Workflow overview:

  • Choose the license type
  • Request license from ReversingLabs
  • Install rl-secure
  • Activate license

How does the rl-secure license work?โ€‹

Your license contains credentials for the ReversingLabs cloud services and determines how much analysis capacity you get.

This analysis capacity is always monthly and automatically resets to zero on the first day of any given month. If you're both a Portal and CLI user, this analysis capacity is divided between the two and can only be configured in the Portal interface.

Scanning a software package deducts its size (file size on disk) from the monthly analysis capacity. The following exceptions apply to all users:

  • Package reprocessing (using the sync command) does not count towards the monthly analysis capacity.
  • Reproducibility checks (using the ?build=repro option with the scan command) do not count towards the monthly analysis capacity.

Licensing also impacts the maximum allowed package size. Scanning will not start if the package size exceeds the analysis capacity and/or the maximum allowed individual file size.

The following example illustrates the error you would receive if you tried to scan a package larger than the allocated maximum while being close to exceeding your monthly analysis capacity.

Preparing ...
License: Artifact size exceeds the maximum of 10.00 GB
License: Artifact size exceeds the monthly analysis limit (0.01 GB remaining)

In addition to the default analysis capacity that comes with your license, there is also Flex.

The Flex option is a promotional add-on to your license provided by ReversingLabs. It increases the analysis capacity allocated to your account for a limited time period. During this time, you get more capacity for processing your packages.

When Flex is enabled for your account, your default analysis capacity is used first. The Flex capacity is used only when you exceed your purchased analysis capacity.

Check your license statusโ€‹

You can check the status of your license at any time by using the license command:

rl-secure license status

With the status sub-command, you can get information about your serial number, the status of your license, and information on Flex, if it exists for your account.

The license status can be one of the following:

  • unlicensed (not activated yet)
  • invalid
  • expired
  • revoked

If you're running rl-secure license status for the first time, the status will be unlicensed and you will be prompted to send your machine serial number to ReversingLabs. This is the first step in the rl-secure installation process.

Activate your licenseโ€‹

The rl-secure tool requires activating a license key as the last step of the installation process.

The process of license activation depends on the product and the type of license you need for your particular purpose. You can use a license tied to a single machine or a license with a site-wide key that can be deployed on multiple machines.

The following table illustrates which rl-secure license can be used with which product.

Single machine licenseSite-wide deployment license
rl-secureโœ”๏ธโœ”๏ธ
rl-deployโœ”๏ธโœ”๏ธ
rl-scanner Docker imageโŒโœ”๏ธ

Activate your Single machine licenseโ€‹

rl-secureโ€‹

  • After extracting and setting up rl-secure, run the following command:

    rl-secure license status

    The output of this command includes your machine key. Copy the machine key and store it in a safe place.

  • Send an email with your machine key to ReversingLabs Support. You can use the following template for the email contents:

    Subject: rl-secure license request

    Body:

    Hello,

    I am [your name] from [your company, organization or other affiliation]
    and I would like to request a rl-secure license key.

    My machine key: [copy and paste your machine key here]

    Thanks,
    [your signature]
  • ReversingLabs Support will send you the license key as a single file named license.key.

  • Save the license file on your system. It's practical (but not required) to save it into the same directory where you extracted the rl-secure archive.

  • To activate your license, run the following command in the directory where you placed the license key file:

    rl-secure license install license.key

    The command displays the license activation process and informs you when it's successfully completed.

rl-deployโ€‹

To install rl-secure with rl-deploy, you need to provide your license in the installation command.

During the installation, rl-deploy will automatically activate your license if it's valid and correctly provided.

The license can be provided in any of the following formats:

  • as a path to the license file
  • as a string representing Base64-encoded contents of the license file

For CI/CD and similar automated deployments, it's usually more convenient to provide the license as a string directly in the command.

Workflow:

  • After extracting and setting up rl-secure, run the following command:

    rl-secure license status

    The output of this command includes your machine key. Copy the machine key and store it in a safe place.

  • Send an email with your machine key to ReversingLabs Support. You can use the following template for the email contents:

    Subject: rl-secure license request

    Body:

    Hello,

    I am [your name] from [your company, organization or other affiliation]
    and I would like to request a rl-secure license key.

    My machine key: [copy and paste your machine key here]

    Thanks,
    [your signature]
  • ReversingLabs Support will send you the license key as a single file named license.key.

  • Save the license file on your system. It's practical (but not required) to save it into the same directory where you extracted the rl-secure archive.

  • Install rl-secure to the specified directory. Make sure to run the installation commands with the same permissions that will be used to run rl-secure later.
rl-deploy install /path/to/installation-directory --license-file=/path/to/license-file --no-tracking

Python workaround:

python3 -m rldeploy install /path/to/installation-directory --license-file=/path/to/license-file --no-tracking
Notes and workarounds

The optional --no-tracking parameter hides progress bars in the output to prevent potential issues with CI/CD tools and logs.

In some cases, the rl-deploy command may not work correctly when installed from PyPI. If you encounter this issue, replace rl-deploy with python3 -m rldeploy in your installation command as a workaround.

If you installed rl-deploy from PyPI and it refuses to install rl-secure because it's outdated, run pip install --upgrade rl-deploy to update it to the latest version.

  • Confirm that rl-secure is successfully installed.

    rl-secure --version
  • Verify the license is successfully activated.

    rl-secure license status

Activate your Site-wide deployment licenseโ€‹

rl-secureโ€‹

  • Send an email to ReversingLabs Support and request a license to be used with a site key. You can use the following template for the email contents:

    Subject: rl-secure site-wide license request

    Body:

    Hello,

    I am [your name] from [your company, organization or other affiliation]
    and I would like to request a rl-secure license and a site key.

    Thanks,
    [your signature]
  • ReversingLabs Support will send you the license key as a single file and the site key as a plaintext string.

  • Save the license file on your system and note down the site key for later use. You will need it on all machines where you plan to install rl-secure with that license.

    It's practical (but not required) to save the license file into the same directory where you extracted the rl-secure archive. If you plan to deploy rl-secure in CI/CD, the site key needs to be used for each ephemeral run, and your DevOps teams will need access to it.

  • To activate your license, run the following command in the directory where you placed the license file:

    rl-secure license install license.file --site-key=your-site-key

    The command displays the license activation process and informs you when it's successfully completed.

rl-deployโ€‹

  • Send an email to ReversingLabs Support and request a license to be used with a site key. You can use the following template for the email contents:

    Subject: rl-secure site-wide license request

    Body:

    Hello,

    I am [your name] from [your company, organization or other affiliation]
    and I would like to request a rl-secure license and a site key.

    Thanks,
    [your signature]
  • ReversingLabs Support will send you the license key as a single file and the site key as a plaintext string.

  • Save the license file on your system and note down the site key for later use. You will need it on all machines where you plan to install rl-secure with that license.

    It's practical (but not required) to save the license file into the same directory where you extracted the rl-secure archive. If you plan to deploy rl-secure in CI/CD, the site key needs to be used for each ephemeral run, and your DevOps teams will need access to it.

  • Install rl-secure to the specified directory. Make sure to run the installation commands with the same permissions that will be used to run rl-secure later.
rl-deploy install /path/to/installation-directory --license-file=/path/to/license-file --site-key=your-site-key --no-tracking

Python workaround:

python3 -m rldeploy install /path/to/installation-directory --license-file=/path/to/license-file --site-key=your-site-key --no-tracking
Notes and workarounds

The optional --no-tracking parameter hides progress bars in the output to prevent potential issues with CI/CD tools and logs.

In some cases, the rl-deploy command may not work correctly when installed from PyPI. If you encounter this issue, replace rl-deploy with python3 -m rldeploy in your installation command as a workaround.

If you installed rl-deploy from PyPI and it refuses to install rl-secure because it's outdated, run pip install --upgrade rl-deploy to update it to the latest version.

  • Confirm that rl-secure is successfully installed.

    rl-secure --version
  • Verify the license is successfully activated.

    rl-secure license status

rl-scannerโ€‹

The rl-scanner Docker image can be used with an existing site-wide license that was previously activated with either rl-secure or rl-deploy.

If you're a new user or you simply haven't activated your license yet, you can do so by storing your encoded license and site key into environment variables. This way, rl-deploy can access them from the Docker container and activate the license during the rl-secure installation.