Creation of the Certificate Request file for TC0008
 | System requirements - Min. TwinCAT 3.1 Build 4024 |
- 1. Call up the Software Protection configurator. To do this, select the menu item Software Protection in the main menu below the item TwinCAT:
- 2. In the window that opens, select the Certificates tab.
Click Create New....:
- 3. The Create OEM Certificate input window opens:
- 4. Enter the required data:
- Enter your company name in the OEM Name text field. The name must have a clear reference to your company or your business unit.
- Enter a Unique Name. The "OEM Unique Name" must be a unique name that uniquely identifies the owner of the certificate worldwide, preferably the URL of your company's website or your email address. The email address must be a company email address, i.e. it must be possible to assign it unambiguously to your company.
- Check the checkbox Sign TwinCAT C++ executables:
If you only want to sign TwinCAT driver software with this certificate, uncheck the other two checkboxes. (These are only used in the PLC area) - Make sure that Crypto version 2 (for the encrypted content of the certificate content) is set. (default setting)
- 5. Once you have entered the data, click Start and select a directory to save the file.
You can simply accept the suggested directory "c:\twincat\3.1\customconfig\certificates". You need the newly created file in this directory in order to be able to read out the "File Fingerprint" for this file in a subsequent step. - A dialog for selecting a password for the OEM Private Key opens.
- 6. Issue a password for the OEM Private Key.
Password security - Be sure to use a strong password for your certificate! Take suitable measures to protect your password so that it cannot fall into the wrong hands!
Password cannot be recovered if lost - Beckhoff cannot recover or reset your password. If you forget or lose the password for your certificate, you can no longer use it and have to request a new certificate. - 7. Confirm the password by entering it again and close the dialog with OK.
- The file is saved.
The "Certificate Request File" generated in this way must now be signed by the Beckhoff certificate section in order to be valid. The procedure is described in chapter Requesting a certificate.