Creating a user database

Creating a user database 1:

Only valid for TwinCAT 3.1 Build 4024.0: creation of a User DB requires Crypto Version 1

In the TwinCAT version Build 4024.0, a user database for the TwinCAT Software Protection may only be created with an OEM certificate with Crypto version 1!

Creating a user database 2:

Directory for storing user databases

User databases must be stored in the following directory in order to be used in the TwinCAT Engineering: C:\TwinCAT\3.1\CustomConfig\UserDBs

Depending on the TwinCAT version, two different ways of creating a user database are available to you.

User database can only be created or edited if no project is open. Close any open projects.
The Software protection configurator is opened.
1. If you are using a TwinCAT version < build 4022.25, open the Certificates tab, select the OEM certificate and then click on Create New User DB...
Creating a user database 3:
2. If you are using a TwinCAT version >= build 4022.25, the Create New User DB... button is additionally available on the Database tab. Here you select the OEM certificate directly in the input mask. Click on Create New User DB…
Creating a user database 4:
The Create new User DB dialog opens.
Creating a user database 5:
3. Enter a name for the database (Database Name). This name is used in the program to display the selected database.
4. Specify a Database Unique Name (for example, with a version number) that enables the unambiguous identification of that database (version) within your organization.
5. Enter a name for the administrator of the database. The Database Admin created here is used only to sign the database and cannot be used to log in or to make changes to the database. To make changes to the database, at least one database user must be a member of the administrator group.
6. Define the template for the new database.
You should use the TemplateOEM.tcudb template as an easy basis. If your TwinCAT version doesn't contain the template yet, you can download it here: NewTemplate_UserDBV1.0.zip.

To select a different template, click Browse... next to the Database Template box and select the file you want from the Explorer window.
The template is displayed in the Database Template box.
Creating a user database 6:
Notice You can also create your own templates for a database, for example, based on a database that you have already created.
7. The database created must initially be signed with a valid OEM certificate. Data from the OEM certificate is also used to generate the User DB key, which unambiguously identifies the individual database.

If the desired certificate is not set in the OEM Certificate File box, select the OEM certificate by clicking on Browse...

The standard directory for the OEM certificate is: c:\twincat\3.1\customconfig\certificates.
The certificate is displayed in the OEM Certificate File box.
8. Click on OK.
You will now be prompted in a dialog to specify a password for the (signing) administrator of the database.

Creating a user database 7:
9. Enter a password and confirm it by entering it again. Be sure to use a strong password, as otherwise the database will be easy to attack!
10. Click on OK.
11. Build 4024 only: You will now be prompted to create the second (content-managing) administrator of the database:

Creating a user database 8:

You can provide them with the same user name and password as the signing administrator. This makes it easier to manage the database. The user name of the previously created signing administrator is therefore suggested here as the default value.

However, you can also separate the functions of content management (= this administrator) and release of changes (= signing administrator) if you wish.

Notice You can create additional administrators or make changes later, after the database has been created.
Notice You don't have to create any more users if you only need a single user who is allowed to do everything. This is the case, for example, if you simply want to encrypt your project and make no other distinction in access rights.
12. Click on OK.
The database is saved. In a dialog you will be requested to enter the password for the OEM Private Key, with which the database has to be signed in order to be used.
13. Enter the password of the OEM certificate and confirm the dialog with OK.

Creating a user database 9:

Note: From now on you no longer need the OEM certificate when you work with this database (for example, to make changes to the content).
A further dialog opens with the question whether the database should also be set as the current database in Visual Studio ("activated").
14. If so, confirm the dialog with OK.

Creating a user database 10:
This sets the new database as the current database in Visual Studio.

The currently set database is used for the (new) connection of a project to a database.

The database assigned to a project is saved in the project (file name and User DB key).

The database's location is C:\TwinCAT\3.1\CustomConfig\UserDBs.

If you want to define this (or another) database as the default database (which is to be used by default when starting Visual Studio), set it on the Database tab of the configuration window. The procedure is described in the next chapter.