How to get electron key

21.08.202221.08.2022 admin 0 Comments how, how to made, как, как сделать, как создать, совими руками

How to get electron key

Подписывание кода

On macOS, the system can detect any change to the app, whether the change is introduced accidentally or by malicious code.

On Windows, the system assigns a trust level to your code signing certificate which if you don’t have, or if your trust level is low, will cause security dialogs to appear when users start using your application. Trust level builds over time so it’s better to start code signing as early as possible.

Можно распространять неподписанные приложения, но не рекомендуется. Both Windows and macOS will, by default, prevent either the download or the execution of unsigned applications. Starting with macOS Catalina (version 10.15), users have to go through multiple manual steps to open unsigned applications.

As you can see, users get two options: Move the app straight to the trash or cancel running it. You don’t want your users to see that dialog.

Если вы создаете приложение Electron, которое собираетесь упаковывать и распространять, оно должно быть подписано.

Signing & notarizing macOS builds

Properly preparing macOS applications for release requires two steps. First, the app needs to be code signed. Then, the app needs to be uploaded to Apple for a process called notarization, where automated systems will further verify that your app isn’t doing anything to endanger its users.

To start the process, ensure that you fulfill the requirements for signing and notarizing your app:

Electron’s ecosystem favors configuration and freedom, so there are multiple ways to get your application signed and notarized.

Using Electron Forge

The entitlements.plist file referenced here needs the following macOS-specific entitlements to assure the Apple security mechanisms that your app is doing these things without meaning any harm:

To see all of this in action, check out Electron Fiddle’s source code, especially its electron-forge configuration file.

If you plan to access the microphone or camera within your app using Electron’s APIs, you’ll also need to add the following entitlements:

If these are not present in your app’s entitlements when you invoke, for example:

Your app may crash. See the Resource Access section in Hardened Runtime for more information and entitlements you may need.

Using Electron Builder

Electron Builder comes with a custom solution for signing your application. You can find its documentation here.

Using Electron Packager

The entitlements.plist file referenced here needs the following macOS-specific entitlements to assure the Apple security mechanisms that your app is doing these things without meaning any harm:

Вплоть до Electron 12 элемент com.apple.security.cs.allow-unsigned-executable-memory обязателен. Тем не менее, его больше не следует использовать, если есть возможность.

Signing Mac App Store applications

Подписывание сборок для Windows

Перед подписью, следует:

Вы можете получить сертификат от множества продавцов, включая самых популярных. Цены варьируются, поэтому это может стоить вашего времени, чтобы ходить по магазинам. Популярные реселлеры включают:

Keep your certificate password private

Your certificate password should be a secret. Do not share it publicly or commit it to your source code.

Using Electron Forge

For example, if you keep your Forge config in your package.json file and are creating a Squirrel.Windows installer:

Using electron-winstaller (Squirrel.Windows)

electron-winstaller is a package that can generate Squirrel.Windows installers for your Electron app. This is the tool used under the hood by Electron Forge’s Squirrel.Windows Maker. If you’re not using Electron Forge and want to use electron-winstaller directly, use the certificateFile and certificatePassword configuration options when creating your installer.

For full configuration options, check out the electron-winstaller repository!

Using electron-wix-msi (WiX MSI)

electron-wix-msi is a package that can generate MSI installers for your Electron app. This is the tool used under the hood by Electron Forge’s MSI Maker.

If you’re not using Electron Forge and want to use electron-wix-msi directly, use the certificateFile and certificatePassword configuration options or pass in parameters directly to SignTool.exe with the signWithParams option.

For full configuration options, check out the electron-wix-msi repository!

Using Electron Builder

Electron Builder comes with a custom solution for signing your application. You can find its documentation here.

How can I authorise an installation of an Electron application?

If you needed to do some kind of an authorization mechanism to an Electron application, what libraries/frameworks would you use for it?

Basic requirements would be that the user enters either a key or some identification information about himself and their right to use the application can be remotely allowed/blocked as necessary.

Kind of like a license key, but a bit more flexible in terms of defining when their right of use ends.

2 Answers 2

Trending sort

Trending sort is based off of the default sorting method — by highest score — but it boosts votes that have happened recently, helping to surface more up-to-date answers.

It falls back to sorting by highest score if no posts are trending.

Switch to Trending sort

Your question is a little vague (and not really a programming question).

Are you talking about software licensing? I’ve researched this quite a bit and, while there are a bunch of turnkey solutions, they tend to be relatively expense (monthly subscription fees, etc).

The API is trivial to interface with through Javascript – to active a license, check license validity, and check for updates.

An open source project I found was Simple Licensing. That is free but is less well documented and there isn’t any support.

It depends. I’ve detailed in this answer how to generate and verify cryptographically signed license keys without a license server. But cryptographic license keys like that are usually perpetual (though can have a fixed expiration inside of the key), and it sounds like you want something a bit more dynamic when it comes to a license’s validity, since you mentioned that you want to be able to remotely block a license.

That’s where a license server would come in.

At its core, most licensing servers are CRUD apps, meaning they’re the typical server allowing you to create, read, update, and delete resources. In this case, that resource would be a license. You would want to create a server endpoint that takes a license key parameter, performs a database lookup for the key, and if the key exists check if the key is expired among other requirements such as its blocked column.

Here’s a basic Express app that does that, minus the pg database bits:

But in case you aren’t particularly keen on writing and maintaining your own in-house licensing system, I’m the founder of a software licensing API called Keygen which can help you get up and running quickly without having to write and host your own license server.

Keygen is a typical HTTP JSON API service (i.e. there’s no software that you need to package with your app). It can be used in any programming language and with frameworks like Electron. As per your main requirement here, it supports remotely suspending (blocking) licenses.

In its simplest form, validating a license key with Keygen is as easy as hitting a single JSON API endpoint (feel free to run this in a terminal):

Code Signing

Code signing is a security technology that you use to certify that an app was created by you. You should sign your application so it does not trigger any operating system security checks.

On macOS, the system can detect any change to the app, whether the change is introduced accidentally or by malicious code.

While it is possible to distribute unsigned apps, it is not recommended. Both Windows and macOS will, by default, prevent either the download or the execution of unsigned applications. Starting with macOS Catalina (version 10.15), users have to go through multiple manual steps to open unsigned applications.

As you can see, users get two options: Move the app straight to the trash or cancel running it. You don’t want your users to see that dialog.

If you are building an Electron app that you intend to package and distribute, it should be code signed.

Signing & notarizing macOS buildsвЂ‹

To start the process, ensure that you fulfill the requirements for signing and notarizing your app:

Electron’s ecosystem favors configuration and freedom, so there are multiple ways to get your application signed and notarized.

Using Electron ForgeвЂ‹

The entitlements.plist file referenced here needs the following macOS-specific entitlements to assure the Apple security mechanisms that your app is doing these things without meaning any harm:

Note that up until Electron 12, the com.apple.security.cs.allow-unsigned-executable-memory entitlement was required as well. However, it should not be used anymore if it can be avoided.

To see all of this in action, check out Electron Fiddle’s source code, especially its electron-forge configuration file.

If you plan to access the microphone or camera within your app using Electron’s APIs, you’ll also need to add the following entitlements:

If these are not present in your app’s entitlements when you invoke, for example:

Your app may crash. See the Resource Access section in Hardened Runtime for more information and entitlements you may need.

Using Electron BuilderвЂ‹

Electron Builder comes with a custom solution for signing your application. You can find its documentation here.

Using Electron PackagerвЂ‹

The entitlements.plist file referenced here needs the following macOS-specific entitlements to assure the Apple security mechanisms that your app is doing these things without meaning any harm:

Up until Electron 12, the com.apple.security.cs.allow-unsigned-executable-memory entitlement was required as well. However, it should not be used anymore if it can be avoided.

Signing Mac App Store applicationsвЂ‹

Signing Windows buildsвЂ‹

Before signing Windows builds, you must do the following:

You can get a code signing certificate from a lot of resellers. Prices vary, so it may be worth your time to shop around. Popular resellers include:

Keep your certificate password private

Your certificate password should be a secret. Do not share it publicly or commit it to your source code.

Using Electron ForgeвЂ‹

For example, if you keep your Forge config in your package.json file and are creating a Squirrel.Windows installer:

Using electron-winstaller (Squirrel.Windows)вЂ‹

For full configuration options, check out the electron-winstaller repository!

Using electron-wix-msi (WiX MSI)вЂ‹

electron-wix-msi is a package that can generate MSI installers for your Electron app. This is the tool used under the hood by Electron Forge’s MSI Maker.

For full configuration options, check out the electron-wix-msi repository!

Using Electron BuilderвЂ‹

Electron Builder comes with a custom solution for signing your application. You can find its documentation here.

How I sign and notarize my Electron app on MacOS

Distributing a desktop application for MacOS requires signing it and getting it notarized by Apple. MacOS won’t let the app run otherwise.

I distribute my Electron app outside of the App Store, via download on my website. If you’re distributing via the App Store, the steps may be different than what I have here. Note I am based in the United States, and I did all this on a new (as of 2021) Mac Mini with M1 chip.

Here are the steps I took to get my Electron app signed and notarized:

Let’s go over each step.

1. Sign up for the Apple Developer Program

Go to the Apple website to enroll in the Developer Program: https://developer.apple.com/programs/

This comes with a cost. At the time of this writing, it was 99 USD per membership per year.

Enrollment gives you two options: Individual or organization. I enrolled as an organization (using my registered LLC). This is because I like to conduct business under my business name, to benefit from the legal structure that an LLC gives me. Enrolling as an organization has more requirements for verification than an individual. I needed a DUNS number, a website, and a custom domain email. Apple called me to verify my business.

2. Create and install certificates

After completing enrollment and verification, I got a developer account on developer.apple.com. I signed in on there, went to Certificates, IDs, & Profiles.

I created two certificates, one of Developer ID Application type and one of Developer ID Installer type. Once created and download, a double-click on the file should install them in your Keychain.

3. Sign while building

With those certificates in my keychain, here’s relevant config from my electron-builder.yml:

Exit fullscreen mode

Apparently electron-builder automatically uses the certificates in my keychain, because I don’t have to mention them in the config.

I did have to create an entitlements.mac.plist file. Otherwise my app, when run, would request random weird permissions that it didn’t need. I looked at the docs and some open source examples (e.g. Athens) and came up with this:

Exit fullscreen mode

This may or may not be appropriate for your app. One requirement of my app is to run third-party executables (Prisma) that I’ve bundled with the app.

4. Notarize

The final step to getting the app to run on Mac is notarization. There are some good tutorials online on how to do this with electron-builder that I referred to (see https://philo.dev/notarizing-your-electron-application/ and https://kilianvalkhof.com/2019/electron/notarizing-your-electron-application/ ).

Exit fullscreen mode

With this, electron-builder signs and notarizes my app. The app is then ready for distribution.

The notarization step takes 5-10 minutes for my app.

See How I code signed an Electron app on Windows for the Windows equivalent of this process.