To report a found bug,
please select the text with the bug and click Report a Bug
or CTRL+ENTER.
Help
system 10.9 of 26/11/2025,
©
FORESIGHT
In this article:
Step 1. Installing Licensing Service
Step 2. Preliminary Licensing Service Work Setup via the HTTPS Protocol.
Step 3. Setting Up Licensing Service Configuration
Step 4. Connecting Licensing Service
Step 5. Starting Licensing Service
Setting Up License Server Fault Tolerance
The licensing service is used to handle queries from the web application (BI server) or desktop application to license server. Foresight Analytics Platform requests required features, the licensing service handles the obtained queries and redirects them to the license server.
The licensing service is the licman utility with built-in support of parallel queries for the software, based on which the license server works: Guardant or RMS.
NOTE. To get the licensing service, contact technical support by sending a request to support@fsight.ru or technical support services, which are available after registration at the website.
Licensing service installation depends on the operating system. In Linux OS installation is executed using a distribution file, in Windows OS installation is not required, one needs only to place licensing service files in any folder.
To install the licensing service in Linux OS:
Copy the obtained licensing service distribution file to the home directory: /home/<use name>:
Guardant:
foresight-licman_guardant*.deb for Debian-based distributions.
foresight-licman_guardant*.rpm for RedHat-based distributions and ALT Linux.
RMS:
foresight-licman_rms*.deb for Debian-based distributions.
foresight-licman_rms*.rpm for RedHat-based distributions and ALT Linux.
Install the copied distribution of the licensing service:
Astra Linux:
sudo dpkg -i foresight-licman*.deb
Rocky Linux:
sudo yum localinstall foresight-licman*.rpm
RED OS:
sudo dnf install foresight-licman*.rpm
ALT Linux:
sudo apt-get install -y foresight-licman*.rpm
NOTE. Distributions can be installed using another utility.
After executing the operations, the following is created:
/opt/foresight/licman. Main files of the licensing service: the licman utility and the settings.json configuration file.
/etc/systemd/system/licman.service. The licman.service service for managing the licensing service. The service is started right after distribution installation and works in the background mode.
/var/log/licman/licman.log. The file, to which debug info that is output during licensing service work is written. It is created if the settings.json file has the logLevel field that is set to info or log.
/var/log/licman/error.log. The file, to which the errors that occur during licensing service work are written. It is created if the settings.json file has the logLevel field that is set to info or log. For details about possible errors that occur during Guardant work see the official documentation.
To work with the licman.service service and to manage the licensing service, execute the command:
sudo systemctl start/restart/stop licman.service
To work with the licensing service in Windows OS, create a folder, for example, C:\Licman, and place the obtained licensing service files in it:
licman_guardant.exe to work with a Guardant based license server or licman_rms.exe to work with an RMS based license server.
settings.json.
The C:\Licman folder is used for illustration purposes and may be different.
By default, the licensing service interacts with Foresight Analytics Platform via the HTTPS protocol.
For preliminary licensing service work setup via the HTTPS protocol:
Prepare security certificates:
Root security certificate with the CRT extension.
Certificate of the server, on which licensing service is located, with the PEM extension.
Private key of server certificate with the PEM extension.
Security certificates include a set of information about the certificate owner, the certificate owner's public key, the subject that issued and signed the certificate, and information for certificate validation. Each certificate is time-restricted. The licensing service is available if the certificates are valid at the moment of licensing service use. If required, update the certificates or extend their validity period.
Place the security certificates in the folder:
/opt/foresight/ssl in Linux OS.
C:\Licman in Windows OS.
Import the root certificate to a trusted root certificate store depending on the operating system.
To import the root certificate to a trusted root certification authority store in Linux OS:
Debian-based distributions:
Create the fp-licman-certs folder and cipy the root security certificate to it:
sudo mkdir /usr/share/ca-certificates/fp-licman-certs
sudo cp <path to folder>/<certificate name>.crt /usr/share/ca-certificates/fp-licman-certs/fp-licman-ca.crt
After executing the operations the folder /usr/share/ca-certificates/fp-licman-certs is created with the fp-licman-ca.crt root certificate.
Open the /etc/ca-certificates.conf file for edit and add a string to the end of the file:
sudo echo "fp-licman-certs/fp-licman-ca.crt" >> /etc/ca-certificates.conf
Apply configuration changes:
sudo update-ca-certificates -v
RedHat-based distributions and ALT Linux:
Copy the root security certificate to the folder /etc/pki/ca-trust/source/anchors:
sudo cp <path to folder>/<certificate name>.crt /etc/pki/ca-trust/source/anchors/fp-licman-ca.crt
After executing the operation the folder /etc/pki/ca-trust/source/anchors contains the fp-licman-ca.crt root certificate.
Apply configuration changes:
sudo update-ca-trust
After executing the operations the root certificate is imported to the trusted root certification authority store.
To import the root certificate to a trusted root certification authority store using Windows OS tools:
Double-click the *.crt root certificate. The Certificate dialog box opens.
Click the Install Certificate button. The certificate import wizard opens.
Select the Current User store location and click the Next button.
Select the Place All Certificates to the Following Store radio button, select the Trusted Root Certification Authorities certificate store in the Select Certificate Store dialog box and click the Next button.
After executing the operations the root certificate is imported to the trusted root certification authority store.
For other options of certificate installation and import in various operating systems and browsers see the public services portal.
After executing the operations the licensing service is set up to work via the HTTPS protocol.
When setting up licensing service configuration at Step 3, in the settings.json file specify licensing service work parameters via the HTTPS protocol in settings of the secure field.
When connecting the licensing service at Step 4, in the settings.xml file in the Port parameter specify number of the port, at which the licensing service is available via the HTTPS protocol. Default port: 8511.
To set up licensing service configuration, use the settings.json file located in the folder:
/opt/foresight/licman in Linux OS.
C:\Licman in Windows OS.
By default, the settings.json file has the main fields server and port set to provide licensing service work via the HTTP protocol:
{
"server": "localhost",
"port": 8510
}
To provide licensing service work via the HTTPS protocol, set the main fields secure, server and additional fields if required.
The example of the settings.json file:
{
"server": "localhost",
"secure":{
"port": 8511,
"key": "/opt/foresight/ssl/fp_licman_server_key.pem",
"cert": "/opt/foresight/ssl/fp_licman_server_cert.pem"
}
}
For details about contents of the settings.json file see the Setting Up Licensing Service Configuration section.
To apply change in licensing service configuration in the settings.json file, restart the licman.service service in Linux OS:
sudo systemctl restart licman.service
To connect the licensing service and to provide communication between Foresight Analytics Platform and license server via the licensing service create the License section with the Service section in the settings.xml file with the following parameters:
Active. Indicates whether Foresight Analytics Platform communicates with license server via licensing service. Available values:
True. Foresight Analytics Platform communicates with license server via licensing service.
False. Default value. Foresight Analytics Platform communicates directly with license server.
NOTE. Direct communication is available only if an RMS based license server is used.
If a Guardant based license server is used, set the parameter to True.
Secure. Indicates whether licensing service works via the HTTPS protocol. Available values:
True. Default value. Licensing service works via the HTTPS protocol.
False. Licensing service works via the HTTP protocol.
Host. IP address or DNS name of the licensing service. Default value: localhost.
Port. Number of the port, on which the licensing service is available:
Via the HTTPS protocol - 8511. It is used if the Secure parameter is set to True. When this port is specified, port number should match with the value of the port field specified in the secure field in the settings.json file.
Via the HTTP protocol - 8510. If is used if the Secure parameter is set to False. If this port is specified, port number should match with value of the port field in the settings.json file.
TlsVersion. Version of the Transport Layer Security (TLS) protocol used for creating a secure communication channel between computers in the network. The 1.2 version is used by default. It is recommended to use TLS 1.2 or later.
The example of the License section in settings.xml:
When licensing service works via the HTTPS protocol:
<Key Name="License">
<Key Name="Service" Active="True" Host="localhost" Port="8511"/>
</Key>
When licensing service works via the HTTP protocol:
<Key Name="License">
<Key Name="Service" Active="True" Secure="False" Host="localhost" Port="8510"/>
</Key>
To apply licensing service connection parameters in the web application, restart the BI server. If the desktop application is opened, restart it.
To start the licensing service:
In Linux OS start or restart the licman.service service:
sudo systemctl start/restart licman.service
In Windows OS start the utility licman_guardant.exe/licman_rms.exe.
When the licensing service is started, it is checked if there is the settings.json valid file:
If the settings.json file is in the same folder with the licman utility and is valid, the specified field values are used.
If the settings.json file is not in the same folder with the licman utility or is invalid, default field values are used.
During licensing service work, the system outputs debug info if the settings.json file has the logLevel field that is set to info or log. For details about possible errors that occur during Guardant work see the official documentation.
To ensure fault tolerance of the main license server, one can connect the servers that will be used as backup ones.
NOTE. It is relevant for Foresight Analytics Platform activation via RMS.
The licensing service addresses the main license server during the time specified in the serverTimeout field. If the specified time is out, and the licensing service did not receive response from the license server, the system connects to the backup server that follows the main one in the array of the server field. After this the licensing service addresses the main server with the frequency specified in the checkServerTime field. If the main license server responds the requests, the reverse connection is executed.
Backup servers should contain a trial license to ensure uninterrupted user work in case of temporary unavailability of the main license server. based license server is used, a license is activated at first use.
To connect backup license servers, set array in the server field. If required, change the values of additional fields.
The example of filled fields in the settings.xml file:
{
"server": ["localhost", "reserveServer"],
"port": 8510,
"checkServerTime": 15,
"logLevel": "log",
"serverTimeout": 10,
"workersCount": 4,
"secure":{
"port": 8511,
"key": "/opt/foresight/ssl/fp_licman_server_key.pem",
"cert": "/opt/foresight/ssl/fp_licman_server_cert.pem"
}
}
To ensure licensing service fault tolerance when a single BI server or BI servers cluster is used, set up the HAProxy balancer. For details see the Setting Up HAProxy Balancer Using Licensing Service section.
To delete licensing service files in Linux OS, execute the command:
Astra Linux:
sudo apt-get purge foresight-licman
RED OS and Rocky Linux:
sudo yum purge foresight-licman
ALT Linux:
sudo apt-get remove --purge foresight-licman
After executing the operations the folders /opt/foresight/licman and /var/log/licman and the service /etc/systemd/system/licman.service are deleted.
See also:
Foresight Analytics Platform Activation | Guardant License Server and Features of Its Use | RMS License Server and Features of Its Use | Setting Up Licensing Service Fault Tolerance