Storage of the DB Password
The password for the database access is always stored encrypted in WinCC OA . This password can be encrypted in two ways
With the simple method (symmetric encryption). It is less safe but easier to configure or by using the recommended secure method (asymmetric encryption method), which is safer but more configuration is required.
Simple method
- Open the NGA configuration panel - Backend tab via the and select the backend from the list.
- Under Basic Configuration click on the Password field to change the password. The database password window is opened.
- Uncheck the check box Asymmetric encryption.
- Enter the password and save it.
Recommended Secure Method
- Open the NGA configuration panel - Backend tab via the and select the backend from the list.
- Under Basic Configuration click on the Password field to change the password. The database password window is opened. You can generate a private key for the asymmetric encryption by using the Generate button (see figure below). The private key is saved in the config directory of the project when you click the Generate button. Copy the private key from the config directory to a secure location. A secure location would preferably be a location where only the backend has access to. The field Private Key must contain the full path (including the file name) of the private key.
- Enter the password and confirm by clicking the OK button.
For InfluxDB®, see chapter DB Installation - InfluxDB®.
For PostgreSQL®, see chapter NGA - Requirements and Installation - Windows and NGA - Requirements and Installation - Linux
The database will resume to normal operation by using the new password.