Applies to HTML Viewer, IE Browser publications.
You (for example if you are an author/publisher who wants to sell his/her ebooks) can easily turn your publication into a shareware one: this tab lets you create a trial or restricted publication, that means a publication with limited functionality (time-bombed publication for instance: it works only for a given number of days), unless your end users register it, i.e. purchase a key from you to access to the unlocked/full publication.
In the "Security|Trial Publication Tools" tab, turn "Create a restricted publication" on as shown below: this option will generate a restricted publication.
Trial publications work with certificates: a security certificate is like a door into your publication. Like a physical door, these entrances to your publication can let certain people (the ones with the right key) enter. Only those who pay for your work can get a registration key.
Every certificate has a unique signature. This is what HTML Executable uses to create keys associated to your certificate. The unique signature is strictly confidential: you should never give it to anyone.
A special security certificate, called the Default certificate, works a little differently. Used for evaluation versions of publications, this certificate does not use keys, which allows end users to access to your publication even when they don't have a key for your program. The default certificate is mandatory. When the default certificate is active, the publication works in the Trial mode.
Except the default certificates, other certificates should be used for registered versions of publications. When another certificate than the default one is active, the publication works in the Registered mode.
Trial and registered modes are used by some features of the publications: the About box will display a "Trial: please register this program..." statement in the Trial mode while it will show "This program is registered to ..." when working in the Registered mode. Also you have the possibility to lock HTML pages thanks to the conditions of the security profiles.
 | You may therefore create different registered versions of a single publication:
|
You can manage the certificates of your publication by going to the "Security|Trial Publication Tools" tab.
Configuring certificates
Each certificate has properties that you can configure by selecting the certificate and double-clicking on it (or clicking on the Configure button). The following window will appear:
Except the Default certificate, each certificate has a unique signature as explained above. You can enter what you want or let HTML Executable create a unique key for you by clicking on New Key.
 | Changing the unique signature will automatically invalidate any older keys that you generated and distributed to your users. |
You can forbid the entire access to your publication if the user is not registered (no evaluation is possible): just enable "Do not allow access to the publication without prior registration". This option is only available for the Default certificate. It always displays a nag screen called the "Unlock screen" at startup; this dialog box (that you can customize according to your needs) allows users to enter their key and unlock the publication.
Certificates can expire: you can specify the number of days or allowed runs for the evaluation period (the certificate will work during this period and it will stop working after that).
- For the default certificate which is designed for trial purposes, the evaluation period starts when the publication is run for the first time by the end user.
- For other certificates, the evaluation period starts when the end user enters a key.
You can either create X-day trial periods or X-use ones. Just select the expiration mode you want using the list: "days" or "runs". Note that changing the expiration mode may require you to reset trial information on your system (on the Publication Output Filename tab, select Reset Settings).
When the default certificate has expired, end users cannot access to the publication anymore. They have to enter a key to upgrade to another certificate than the default one.
When a certificate other than the default one has expired, it can optionally revert to the default certificate: to allow this behavior, enable the "Revert to the default certificate if expired" option. Otherwise end users cannot access to the publication anymore.
When a certificate has expired, the nag screen (if enabled) will display an error message: you can change this error message or let HTML Executable use the default one. If the nag screen is not enabled, a standard message box will appear. Then the publication exits.
The nag screen invites your end users to register the publication (i.e. pay the registration fee to you). It can also let them enter their key, go to the online registration page or evaluate your publication. You can enable or disable it thanks to the "Show the nag screen at startup" option:
- Never: the nag screen is never displayed. This is not recommended if your certificate has an expiration date; however use this choice for registered versions as you should never display a nag screen in a registered version of your publication.
- Only if certificate expired: the nag screen will pop up only if the certificate expired. In this case, it allows end users to enter a key to upgrade to another certificate. However if the certificate is still active, then the nag screen is not displayed.
- Always: the nag screen is always displayed at startup. Recommended for the default certificate only.
You need to specify a URL to your online order page where end users may place their order so they can get the registration key. In the nag screen, end users can click the "Order Online" button which will open this URL.
Activating a certificate
To allow an end user to upgrade to a certificate other than the default one, you need to distribute a key to him/her. A key allows the associated user to activate a given certificate and unlock its features (these features can be configured with security profiles).
You can create hardware-locked keys: to prevent end users from distributing their key to others or to avoid fraudulent purchases, you can configure the certificate to work with hardware-locked keys. In this case, the key issued to a registered user will be based on a GUID that depends on the user's computer hardware. The key will consequently only work on the user's computer and it becomes useless if it is shared with other persons.
If you enable this option, your users must also give you their system ID when they place their order. This system ID is automatically displayed on the nag screen/unlock screen where end users must enter their key. You then have to enter this system ID in the Key Generator or provide it to the key generator script too.
Note: these type of keys depend on the user's computer, so if users change their computer, reformat their disk (due to a crash), change the motherboard of their computer, the system ID will be different. In this case, the key won't work again: you will have to issue a new registration key to your users or provide them with an easy way to get a new one.
Some notes:
- You may not set up an evaluation period for the Default certificate: in this case, the publication will always offer an evaluation mode unless you enable "Do not allow access to the publication without prior registration" as explained above. Nevertheless you can lock some pages (using security profiles) so they may be accessible only upon registration (for instance, an ebook where end users must pay to access to the remaining chapters).
- If you do not want to allow an evaluation period at all, once again enable "Do not allow access to the publication without prior registration" as explained above; or alternatively you can just set the number of days to "0" for the Default certificate. In this case, a publication can only work if your user upgrades to another certificate (i.e. enters a key).
- You can always lock crucial HTML pages using the Security Profiles or add more restrictions using HEScript scripts.
See also:
