LicenseDNS

DNS Query for License Activation & Deactivation

LicenseDNS DNS Server

LicenseDNS operates a specialized DNS server that responds to DNS TXT queries with the DNSSEC OK bit set. If the license is valid, it returns TXR records associated with that license. When DNSSEC validation is successful, you can be confident that the license originates from the server and has not been tampered with or modified. Therefore, you can trust the obtained TXT values safely, without needing to implement any cryptographic signature verification methods.

DNS Query Format

To activate or deactivate a license, send a DNS TXT query to any recursive DNS server using a specific format. Three labels are required before the main LicenseDNS query host, which is q.licensedns.net.
  1. The action: letter a for activation and d for deactivation.
  2. The license key and product Id hash value: concanate the license key and product Id (uppercase) then take sha256 hash, use the first 32 characters.
  3. The fingerprint: max 32 characters long fingerprint or device Id. It can be anything to to bind the license to.

Example

License key: 5F32A-UN7KF-UE9V8-AW3NS
Product Id: ADA14AE9-08A8-4AE2-B69E-AAE277B8346F
Fingerprint: example-fingerprint

First calculate hash by concanating license key and product Id then take first 32 characters. A sample Java code:
DigestUtils.sha256Hex("5F32A-UN7KF-UE9V8-AW3NS" + "ADA14AE9-08A8-4AE2-B69E-AAE277B8346F").substring(0, 32);

To activate this license, the domain to send DNS TXT query should be
a.7F3735C907D319640373EFA17E196059.example-fingerprint.q.licensedns.net
The first label a is for activation, the second label 7F3735C907D319640373EFA17E196059 is the calculated hash value. the third label is the fingerprint.

To deactivate this license, the domain to send DNS TXT query should be
d.7F3735C907D319640373EFA17E196059.example-fingerprint.q.licensedns.net
The first label d is for deactivation, the second label 7F3735C907D319640373EFA17E196059 is the calculated hash value. the third label is the fingerprint.

DNS Query Response

DNS query can be send programmatically or using operating system command. There are dnssec libraries available for many programming languages. An example putput is given below using delv command on Linux to activate the license (+short option is to display only the requested values, and +trust is for displaying validation result) 
$ delv a.7F3735C907D319640373EFA17E196059.example-fingerprint.q.licensedns.net -t txt +short +trust
; fully validated
"anything"
"result=success"
"company=Acme Co."
"fullname=John Doe"
"email=john@acme.com"
"some-key=some-value"
"feature1=some-value1"
"feature2=some-value2"
"epochtime=1742590074543"
"datetime=2025-03-21 20:47:54"
Returned response is fully validated as seen in the output above, and all TXT features defined when generating license are obtained.

Output when delv command used to deactivate the license. 
$ delv d.7F3735C907D319640373EFA17E196059.example-fingerprint.q.licensedns.net -t txt +short +trust
; fully validated
"result=success"
"epochtime=1742594751129"
"datetime=2025-03-21 22:05:51"
The returned response is full validated again, it includes result with success value; it means license is successfully deactivated.

The server adds following TXT values on each query.
  • result=success it is set as either success or fail
  • datetime=datetime it sends the server datetime in yyyy-MM-dd HH:mm:ss
  • epochtime=epochtime it sends the server datetime in epochtime long number.
  • fullname=full name license owner full name if defined.
  • email=email address license owner e-mail address if defined.
  • company=company name license owner company name if defined.

See GitHub page for some source examples: https://github.com/LicenseDNS


© 2025 LicenseDNS
Privacy Terms of Use Refund Policy Contact Us