Protecting Applications as Floating Network License

Protecting Applications

To protect your application as a floating network license, you must set the protected application to detect the Network Key. The Network Key installed on the server may be implemented as Machine License or USB License. To connect to the NKLS, the protected application uses the Network Key configuration file that specifies parameters such as NKLS’s address and port number.


The following instructions describe how to use ElecKey Integrator (the shell protection method) to protect your application. Besides the shell protection method, you may also use the provided KeyCheck API (including the KeyCheck Class Library and the KeyCheck .NET Component) to protect your application, by specifying the same settings as described below. Please see Protecting Applications Using API and the provided code examples for more information.

To Protect an Application

1.       Run ElecKey Integrator. The wizard dialog box appears.

2.       In the Select Application License Type dialog, select Machine License or USB License (Dongle).

3.       In the Select Integration Task dialog, select Protect Code and Enforce Licensing.

4.       In the Specify Protected Program dialog, specify your executable file name in the Original field. In the Target field, specify a different name for the protected executable file that will be created.

5.       In the Set Identification dialog, assign a Program ID in the Program ID field.

6.       In the Key Detection Method dialog, select Detect Network Key.

7.       In the Set Options dialog, you can use the default settings.

8.       In the Customize Messages dialog, the needed dialog boxes for the implementation you have chosen are automatically checked. However, you can enable the dialog boxes as well as edit messages and options as you want.

9.       In the Summary dialog, review the action you have chosen.

10.    Click the Integrate button. The protected version of your executable file is created.


It is recommended that you save your unprotected executable file in a safe place. You can then rename the protected version to its original file name, and use it further to create a setup package and distribute your application to the user.

Distributing Protected Applications

To create a setup package for the application, please ensure to include the protected version of your executable file and the ElecKey system files. For Win32/Win64/.NET applications, the following is the list of the needed system files:


·         Ekc3220.dll (in \Deploy\Win32App\KeyCheck\)

·         Ekc6420.dll (in \Deploy\Win64App\KeyCheck\)

·         Nkag20.exe (in \Deploy\Win32App\Network\)

·         Nkag6420.exe (in \Deploy\Win64App\Network\)

·         Netkey.ini (Network Key configuration file)

The above system files must be placed in the same directory as the protected executable file. Note that the user must edit the Network Key configuration file (NETKEY.INI) with the proper settings of the NKLS address and port number. Depending on the features you have enabled, you may need additional system files. . See the topic Protecting Windows Apps/Deployment for more details.

Network Key Configuration File

The Network Key configuration file specifies parameters in which the protected application, and the end-user utilities for Network Key, uses to connect to the NKLS. The default file name is NETKEY.INI. This file must be placed in the same directory as the protected program files and the same directory as the end-user utility programs for Network Key. Because the file NETKEY.INI must be configured in the user’s network environment, the user should also be advised how to use this file.


The Network Key configuration file has the following format.





Header information


The server IP address, e.g. <n>is a number 1 – 4 of the server for fault tolerance (leave blank if not used).


The server TCP port number. The default port number of NetKey License Sever is 1245. <n>is a number 1 – 4 of the server for fault tolerance (leave blank if not used).


The server hostname or domain name, e.g. If this parameter is specified, ServerAddress can be omitted. <n>is a number 1 – 4 of the server for fault tolerance (leave blank if not used).


The timeout (in seconds) that the protected program waits for a reply from the NetKey License Server. A recommended value is 60 seconds.


Below is an example of the Network Key configuration file.








Below is an example of the Network Key configuration file, when deploying multiple servers for fault tolerance.