TcSignTool - Storage of the certificate password outside the project

The TcSignTool can be used to store a password for a TwinCAT user certificate in the registry. Thus, the password is not needed in the projects, where the passwords would end up unintentionally in version control systems.

The TcSignTool is a command line program located in the path C:\TwinCAT\3.x\sdk\Bin\.

The storage of the password is carried out with the following parameters:

tcsigntool grant /f "C:\TwinCAT\3.1\CustomConfig\Certificates\MyCertificate.tccert" /p MyPassword

The password is deleted with the following parameters:

tcsigntool grant /f "C:\TwinCAT\3.1\CustomConfig\Certificates\MyCertificate.tccert" /r

The unencrypted password is stored under HKEY_CURRENT_USER\SOFTWARE\Beckhoff\TcSignTool\