Frequently Asked Questions
Share:
Find quick answers to common technical and product-related questions about Wibu-Systems solutions. This FAQ section brings together guidance for AxProtector, CodeMeter, CodeMeter License Central, SmartShelter, and WibuKey, along with practical instructions for using the Wibu-Systems Support Portal to submit and track support tickets. Select the relevant area below to access dedicated FAQs, troubleshooting notes, and recommendations.
General
- With an AxProtector version 11.10 or newer from CodeMeterSoftware Development Kit (SDK) version 7.50 or newer a warning is displayed, i the license for using AxProtector is about to expire. You should use therefore the latest licensed AxProtector version.
You can renew or collect the required licenses yourself via our License Portal. Please open the link https://license.wibu.com/portal/ and proceed as follows:
1. Login to License Portal, if you already have registered.
Alternatively, enter the necessary Ticket Id in the Ticket field.
The Ticket Id can be found in the COLI field (Customer Owned License Information)
displayed in the license in your Firm Security Box (FSB).
You can read this field e.g. via CodeMeter WebAdmin.
2. Click the "Renew licenses" button to renew or collect the licenses.
The retrieval of the licenses works either directly, by plugging in the respective CmContainer, or
using a current Context File (WibuCmRaC) of the respective CmContainer.
If no "Renew licenses" button is displayed, although the license has not been renewed, or should other questions/difficulties arise, please contact our sales department at sales@wibu.com.
You can ignore this message if you have recently received new AxProtector licenses - This error message results from a security feature activated on default, i.e. the code integrity check. In AxProtector you are able to activate or deactivate this feature. In the AxProtector GUI you find this option on the navigation page "Security options | Advanced". For the commandline use the parameter -cav.
Please note that the -cav option cannot or should not currently be used when using the Gnu Compiler Collection (GCC) under Windows. At runtime, GCC compiles in such a way that it is not possible to pre-calculate the checksums for later validation.
The code integrity check covers your protected application and DLLs to ensure at runtime, that the files are your original files and no manipulated files are used. In addition, for every second runtime check also the memory integrity of the process space of your application is checked. If then, for example, at runtime, a third party program modifies something in the memory of the process room, for security reasons the check triggers the exit of your application, for example, to prevent a reverse engineering of other manipulations of your application at runtime. Please find a description and more information in the separate CodeMeter Developer Guide documentaion in sections "Automatic Software Protection using AxProtector | AxProtector Tab | Windows Application or DLL | Security Options | Advanced Security Options" and "Automatic Software Protection using AxProtector | Commandline Options for AxProtector | Options for Encrypting and Decrypting".
If the code integrity check falsely strikes, this may also may be triggered by an anti-virus programs. These may also check modifications in memories of running applications. Then it is recommended to exclude your protected application from the anti-virus check and to specify the application as exception. - Wibu-Systems recommends to perform the encryption with AxProtector.
More precise: use the AxProtector GUI user interface to define the encryption parameters that will be used to call the actual AxProtectors.
Our AxProtectors are all pure command line programs.
For example, to automate the encryption process, you can export the encryption parameters to a file <ExportedFile> via the menu "File | Export" of the AxProtector GUi.
Then you can use the AxProtector @<ExportedFile>.wbc parameters to perform the encryption via command line, batch call, post build event in Visual Studio, etc.
The procedure for encrypting .NET assemblies or Java 'Jar' files is identical to AxProtectorNet.exe @<ExportedFile>.xml or java -jar AxProtector.jar @<ExportedFile>.xml.
You should make further changes to the encryption parameters in your AxProtector project via the AxProtector GUI and preferably test them with it.
Then you can simply export the encryption parameters again.
If you use the same options for different files, you can also customize the XML and delete the last two parameters regarding the source/destination file and add them to the command line:
AxProtector.exe -o: "protected\App.exe" "toprotect/App.exe @<ExportedFile>.xml - In newer versions of AxProtector the new cpsrt.dll (CodeMeter Protection Suite Runtime) is used as a native component at runtime. Certificates are used to secure the communication between this runtime component and the protected application. This requires that you have an appropriate certificate in your CodeMeter FSB when encrypting.
If this is missing, the error XPM6145 occurs.
The solution is to request and install a corresponding update for your CodeMeter FSB. To do this, you can send an e-mail to license@wibu.com with the subject "Certificate License Update".
Additionally, attach a Context File of Firm Code 99 of your CodeMeter FSB to the mail.
To create a suitable context file, please proceed as follows:
1. Open CodeMeter Control Center.
2. Select on the left side the license from which you want to create the context file. 3.
3. Click the "License Update" button. Now the CmFAS Wizard should open.
4. Click the "Next" button.
5. Select the first option "Create license request" and click the "Next" button.
6. Select the first option "Extend existing license" and click the "Next" button. 7.
7. Select the Firm Code 99. click the "Next" button.
8. Select the file location.
More information about cpsrt.dll can also be found in the CodeMeter Developer Guide at:
Automatically Protecting Software with AxProtector > Advanced AxProtector Options: CPSRT - CodeMeter Protection Suite Runtime as native component. - If you want to create your own UserMessage.dll, you find the required information in the attached PDF document.
A simple example of a self-generated UserMessage.dll can be found for C++ as "UserMessage | UserMessageSimpleGUI" and for C# as "UserMessage | UserMessageSimple" since CodeMeter version 6.80 in our examples in the CodeMeter Software Development Kit (SDK).
If you want to use the UserMessage without *.ini files, we recommend that you use this example as a template.
The source code of the standard UserMessage.dll, which uses *.ini files, can also be found in our examples, for C++ as "UserMessage | UserMessage" and for C# as "UserMessage | UserMessage". - To customize the license error handling, please proceed as follows depending on your AxProtector-Projecttype:
AxProtector Windows & AxProtector .NET
1. Go to the "Error messages" tab in the AxProtectorGUI.
2a. In AxProtector Windows select the option "User Message DLL" and keep the default file name (-u: "UserMsg").
2b. In AxProtector .NET select the option "Inline messages" (-ui).
3. After encryption, the target directory of the encrypted application will also contain
UserMessage *.ini files for different languages.
4. Adjust and change the UserMessage.ini file:
Gui=off
Logging=on
LogPath="C:\Temp\Logs"
5. Optionally, you can also adjust the retry behavior:
RetryTimeOut=1
NumberOfRetries=10
AxProtector Java
1. Select in AxProtectorGUI in the tab "Error messages" the option "User Message Class".
2. Enter class name 'com.wibu.xpm.MessageHandler' (-u: "com.wibu.xpm.MessageHandler").
Note:
The filenames of the *.ini files must be named the same as the dll. If your dll is called UserMsg.dll, the ini files used must also be named UserMsg*.ini. - To prevent the pop-up of the MessageBoxes in case of errors in AxProtector (e.g. no FSB found), please proceed as follows:
- Copy the two files UserMsgUs.dll and UserMessage.ini from the directory C:\Program Files\WIBU-SYSTEMS\AxProtector\Devkit\bin\UserMessage to the directory from which you are using AxProtector (default "C:\Program Files (x86)\WIBU-SYSTEMS\AxProtector\Devkit\bin)
- Open the UserMessage.ini configuration file
- Edit the following entries in the [Service] section
--
[Service]
Gui=off
;[on/off]
Logging=on
;[on/off]
; Destination for log files - current user requires write privileges to that directory
; Gui=off should be set to disable message boxes and redirect error messages to log files
LogPath="C:\Users\Default\AppData\Local\Temp"
---
This activates the GUI interface and logging. No more graphical error messages are displayed. - AxProtector has the option --isprotected <file>, which provides information about the AxProtector encryption of any file.
With this you can control, for example, whether an application is already protected, or if necessary, with which version of AxProtector it was protected.
Depending on the AxProtector variant, you will then get the following outputs for a protected file :
Native:
AxProtector: warning 6004 - Image is already protected with Ax-/Ex- or IxProtector version 10.70.4402.
.NET Framework:
Image is already protected with AxProtector .NET.
.NET Standard:
Error 201: Using AxProtectorNet for Netstandard requires "-ui" or "-um" parameter to be set.
Java:
Info: Application is already protected with Ax- or IxProtector version 10.200a Build 3164 of 2018-Sep-26. - Encrypting may produce arbitrary patterns, and, as a result, an anti-virus program may detect these as a potential virus.
Short-term actions
You may check the settings of the anti-virus program. Eventually, very strict settings or additionally advanced options are the reason for the virus detection.
Moreover, you may declare the application an exception in the respective anti-virus program.
Medium-term actions
You may send your application to the respective anti-virus software vendor to allow the next update of the anti-virus program to skip the detection. However, the next application or a new version may be affected again.
Lasting actions
Virus scanner evaluate applications according to specific behavior patterns or anomalities. Usually, a scoring system applies.
The details which behaviour patterns are detected, how these are weighted and what the threshold is when an application is regarded a virus is the secret of the anti-virus software vendor. Sure enough the protection mechanism used in encrypting add some points to the score, as confering with anti-virus software vendors shows. Viruses use exactly these mechanisms to mask themselves. This explains why thresholds are quickly reached and why protected applications, in particular, are often declared as false positives.
There are also possibilities to collect plus points in this scoring system, e.g. if the manufacturer signs an application with Authenticode, this has a positive effect. The risk of virus classification is thus significantly minimized, but there is no 100% guarantee of correct classification. - To test IP Protection (exclusive protection without licensing), you need an additional license in your Firm Security Box (FSB): 100021:1600. This license is available as a demo version on request from the sales team (sales@wibu.com).
Further information about IP Protection can be found in the CodeMeter developers guide: "Automatic Software Protection using AxProtector (Tool of CodeMeter Protection Suite)| Advanced AxProtector Options |IP Protection - protecting know how ".
The options described under "Usage" are entered in the *.wbc file that is exported from the AxProtector GUI.
The appendix explains how the *.wbc file might look if the entire application is encrypted using IP Protection. - If the UserMessage dialog displays without an image, the following reasons may apply:
- The image file specified in the UserMessageXX.ini does not exist.
- The image used has the wrong dimensions. The image must be 160*385 pixels in size.
- The used image has a bit depth unequal to 24 bit.