Using a Remote Backend with Encryption
This feature provides encrypted communication between the NGA manager and the backend. To use a remote backend with encryption, proceed as follows:
- Install WinCC OA on the remote machine.
Note: You need the installation even though a project is not running on the remote machine.
- On the Out-Off-Proc. , delete the content of the and select the
- Generate two encryption key files via the encryption panel. Open the panel via .
- Click in the "Encryption Certificate" field. For the description of the Encryption Certificate field, see chapter Basic Configuration ->Encryption Certificate
CAUTION: Create the encryption key files on the same operating system on which you use them!
Note: The encryption can only be used for the Execution Type
Out-Off-Proc
Two files are generated, one for the frontend (NGA manager) and one for the backend in the wincc_oa_path/config directory. NOTE that you should save the files in a secure location!
- On the remote machine start the backend manually by passing the location of the backend encryption key file. Execute the following command in the wincc_oa_path/bin directory:
NGAinfluxBackend.exe "frontend_address":"port" [encryption_key_path]
for example:
NGAPostgreSQLBackend.exe 192.168.8.6:50200 D:/WinCC_OA_Projects/NGA_proj/config/zmq_backend_PostgreSQL.key
NGAinfluxBackend.exe 192.168.8.6:50200 D:/WinCC_OA_Projects/NGA_proj/config/zmq_backend_InfluxDB.key
Note: If the Execution Type is changed back to In-Proc, delete the internal NGA data points.