We are looking for a license file that can have a list of features in an encrypted way and can be decrypted programmatically and validated against the features that the clients opted for. Is there any way that we can rely on replicated?
if not we are looking for a custom license field but we are not sure how to validate if the license file has been tampered with or is in its original form. Can you guide us on how to verify the authenticity of the license file?
The license does have a signed hash embedded in it. That makes that a customer can not change any fields in it, as it would invalidate the license.
Also there is an API that you can use the REST api to make sure the “runtime” values are what you expect: Referencing Custom License Fields | Replicated Docs
by any chance is it possible to validate it on client side ? I am mostly looking to validate certificate for client who dont have inernet access.
Assuming you mean the verification of the signature. Sure you can do that.
But if it is an offline installation (airgap), kots will also verify the license during installation.