Installing the OEM certificate

	TwinCAT root directory <TwinCAT_ROOT> Up to and including TwinCAT 3.1.4024: C:\TwinCAT From TwinCAT 3.1.4026: C:\ProgramData\Beckhoff\TwinCAT

Once you have received the signed certificate, import it via the Software Protection Control Center:

Installing the OEM certificate 2:

Note: This import function is only available in TwinCAT 3.1 build 4024 or higher.

Alternatively, you can store the file manually on your Engineering system in the directory <TwinCAT_ROOT>\3.1\customconfig\certificates.

After restarting the TwinCAT Engineering the certificate is listed in the software protection configurator on the Certificates tab.

Check whether the certificate is shown as "valid" there.

Storage instructions for the application area: protection of OEM application software

The OEM key included in all certificate versions facilitates the use of the functions for protecting the TwinCAT 3 application software:

Creating a user database (user DB) for user access control
Create OEM application license description files
(basis for issuing OEM application licenses)
Issuing (signing) of OEM application licenses

The OEM Standard certificate (TC0007) is only required for these three purposes.

	On which computer has the OEM certificate TC0007 to be stored? The OEM certificate should only be located on the computer on which the three activities listed above are performed.

The OEM certificate TC0007 is not required:

for the use of a User DB
for the program sequence
for the use of OEM application licenses

For security reasons, the certificate should not be delivered on control computers or installed randomly on computers with TwinCAT Engineering.

When using OEM licenses, the OEM certificate is only required once to issue the license (since it is used to sign the license file).

Storage instructions for the application area: signing TwinCAT driver software

The OEM key included in the certificate version TC0008 (TwinCAT OEM Certificate Extended Validation) can additionally be used to sign TwinCAT driver software created with TwinCAT 3 in C++.

If you use TC0008 only for this purpose, the following applies:

	On which computer has the OEM certificate TC0008 to be stored? The OEM certificate should only be located on the computer on which TwinCAT driver software created with TwinCAT 3 in C++ is signed.

If you also use TC0008 for TwinCAT Software Protection, the relevant instructions for the computers on which the certificate may / should be stored also apply.

The OEM certificate TC0008 is not required for running the TwinCAT driver software signed with it.

The certificate should not be delivered on control computers or installed randomly on computers with TwinCAT Engineering.