Hi Ivan,
No changes can be done to master key modules.
Even if the master key is seen on other machines over network, the key cannot be used from remote machines.
Master key can be used by Vendor Suite tools like envelope to protect the application and by EMS for license generation, only from local machine.
Examples:
Mater key connected on Machine A where LDK is installed (EMS + Vendor Suite).
The key is also visible on machine B over network.
- If we install vendor suite on Machine B and try to run master wizard/envelope, it will no detect the master key
Even if master key has NET access enabled in the modules, the tools using master key (Vendor Suite and EMS) cannot communicate with it over network.
- If we install EMS on Machine B - it will not be able to generate the license for your batch code and will return error for master key not found.
However, EMS installed on Machine A can be accessed from Machine B or any other machine over network via browser and can be used to generate the license as long as Master keys is connected on Machine A (where EMS is installed). This is irrespective of master key being visible on other machines.
To summarize- any master key operations cannot be performed from remote machines.
The NET access is applicable for user keys (other keys except master/developer).
For more detailed discussion please create a ticket on our Customer Portal
If you are not registered on the portal then please drop an email to technical.support@gemalto.com to get your customer identifier needed for signing up on portal.
Thanks,
Ashish