Learn about sensitive data security
- Last UpdatedFeb 20, 2025
- 1 minute read
Passwords
Passwords may be used by connectors to access data sources. These passwords are encrypted in the data source configuration files located on the connector and PI Data Collection Manager hosts. To determine if the connector performs password encryption, see the user guide for the specific connector.
Note: The Microsoft Data Protection API (DPAPI) is used to perform encryption for connectors that encrypt confidential information such as passwords.
-
On the connector host, the data source configuration file Datasource.config.json is stored in the Program Files\PIPC\Connectors\Connector Name\Configuration folder.
-
On the PI Data Collection Manager host, the data source configuration information is stored in the NodeMap.config.json file in the Program Files\PIPC\Data Collection Manager\DataCollectionManager\Configuration folder.
Cryptographic keys
Connectors create two cryptographic keys used by X.509 certificates at installation time for each connector application (PI Connector, PI Connector Relay, and PI Data Collection Manager). The first X.509 certificate is used to secure an HTTPS connection used for application administration. The second X.509 certificate is used to secure AMQPS communication.
The private keys for these certificates are stored in the Windows Certificate Store.