Skip to content

The 2026 activation protocol

Starting with XLS Padlock 2026.0, compiled workbooks use a new activation protocol based on JSON request/response envelopes with mandatory Ed25519 signature verification. The FS Subscription kit auto-detects the protocol on each request, so workbooks packed in the legacy “Compatibility mode for pre-2026 activation kits” keep working unchanged (plain-text responses, no signature).

This protocol applies to activation, validation and deactivation alike.

Because this kit serves multiple workbooks (one entry per product in workbooks.json, see Step 4), you manage one Ed25519 keypair per product. The private (secret) key goes into that product’s new xlspadlocksignkey field in workbooks.json; the matching public key is embedded in the compiled workbook by XLS Padlock.

To enable the 2026 protocol for a product:

  1. In the XLS Padlock Designer, open the Activation Keys / Online Activation page for that workbook.
  2. Uncheck “Compatibility mode for pre-2026 activation kits”.
  3. Click “Generate keypair…”. The public key auto-fills in the Designer; copy the displayed private (secret) key into that product’s xlspadlocksignkey field in workbooks.json.
  4. Re-pack the protected workbook.

The XLS Padlock Online Activation page in 2026 mode, with "Compatibility mode for pre-2026 activation kits" unchecked and the "Generate keypair" button

The Server Public Key field on the Online Activation page is read-only: it is filled automatically when you click “Generate keypair…”, so the keypair must be created from the Designer. Copy the displayed private (secret) key into that product’s xlspadlocksignkey field in workbooks.json.

The 2026 protocol needs the PHP sodium extension (libsodium) on your server - bundled with PHP 7.2 and later, including all PHP 8.x. See Server requirements for the FS Subscription kit. If xlspadlocksignkey is left empty while a workbook sends a 2026 JSON request, the kit returns a misconfiguration error.