Configure services via Tricentis Service Configuration

This chapter covers the configuration process for services that are part of Tricentis Tosca Server features.

Only the services you have selected during the Tricentis Tosca Server Installation appear in the Tricentis Service Configuration dialog.

Modify service settings

You can modify your service settings. However, Tricentis recommends that you do not.

The default value for the secret key ClientSecret of each service is <to be generated>. After starting the Tricentis Service Configuration, the ClientSecret is automatically generated. It is associated with your ClientId.

You can access it through the appsettings.json file. By default, this file is located at each services’ directory at C:\Program Files (x86)\TRICENTIS\Tosca Server\.

Each service uses the same ClientSecret in each appsettings.json file of all services.

Access Tricentis Service Configuration

If you have selected Open Service Configurator in the final screen of the InstallShield Wizard during the installation, Tricentis Service Configuration opens automatically.

You can also start it manually:

• From the Windows Start menu.

• By double-clicking the file Tricentis.ServiceConfiguration.exe. By default, this file is located at C:\Program Files (x86)\TRICENTIS\Tosca Server\ServiceConfiguration.

Specify admin access

To configure services, you need admin access rights.

If you started Tricentis Service Configuration as a non-admin user, the Service Configurator starts with the User Account Control (UAC) window.

To enable admin mode, click Yes.

Configure services with Tricentis Service Configuration

To configure services that you selected during the Tricentis Tosca Server Installation, follow the steps below:

1. In the tab menu of the Tricentis Service Configuration, click the tab of the service that you want to configure.

2. Populate the configuration property fields. For information on which properties you have to configure for which service, see the following sections:

   • Tosca Administration Console

   • Tricentis Authentication Service

   • Tricentis Automation Object Service

   • Tricentis File Service

   • Tricentis Mail Configuration

   • Tricentis Project Service

   • Tricentis Service Discovery

   • Tricentis Test Data Service

   • Tricentis Tosca Server Landing Page

3. Repeat the steps above for all services that you want to configure. Tricentis Service Configuration marks all updated service tabs with an asterisk.

4. Click Save. This saves all changes; you don't have to save each service individually.

   You cannot save if you have entered an invalid property value for any service. In this case, Tricentis Service Configuration displays an orange exclamation mark on the service tab with the invalid property value.

5. Click OK to confirm the restart of all Tricentis Services.

If a service cannot restart, you can check your log files by clicking on View Logs next to the service.

Configure Tricentis Tosca Server Landing Page

The Tosca Server website allows you to access all server features through a single web interface.

For Tricentis Tosca Server Landing Page, configure the following HTTPS settings:

Property	Description
Port	Enter the port used to address Tricentis Tosca Server Landing Page.
Certificate Thumbprint	Enter the thumbprint for the SSL certificate. For detailed information on security requirements, see chapter "Security requirements".
Certificate Location	Select the location of the SSL certificate.
Certificate Store	Select the store in which the SSL certificate is located.

Configure Tricentis Service Discovery

The Tricentis Service Discovery stores information about where the endpoints for the different services are located.

For Tricentis Service Discovery, configure the following properties:

Property	Description
Port	Enter the port used to address Tricentis Service Discovery. The default port is 5002.
Hostname	Specify the name of the host with which you connect to the service. The default host name is localhost. If you specify a token signing certificate, the host name is automatically updated to the common name (CN). The common name is specified in the certificate's subject name property, located in the certificate store on your computer. If necessary, you can still change the host name. To do so, click into the Hostname property field and enter the name of the host. If you use a proxy server and don't use the default host name localhost, you have to perform one of the following actions: Disable your computer's proxy settings. Set the NO_PROXY environment variable, for instance in the Windows Registry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment. To bypass the proxy for certain domains, set the NO_PROXY environment variable to a comma-separated list of domain names. Each domain name must start with a . character and you must not use the * character in the domain name.
Certificate Thumbprint	Enter the thumbprint for the SSL certificate. For detailed information on security requirements, see chapter "Security requirements".
Certificate Location	Select the location of the SSL certificate.
Certificate Store	Select the store in which the SSL certificate is located.

Configure Tricentis Project Service

The Tricentis Project Service stores information about projects, such as database connection string and project name in a central location.

For Tricentis Project Service, configure the following properties:

Property	Description
Port	Enter the port used to address Tricentis Project Service.
Certificate Thumbprint	Enter the thumbprint for the SSL certificate. For detailed information on security requirements, see chapter "Security requirements".
Certificate Location	Select the location of the SSL certificate.
Certificate Store	Select the store in which the SSL certificate is located.

Configure Tricentis Authentication Service

To use the server-based Tricentis User Administration, you must configure Tricentis Authentication Service and Tricentis Mail Configuration.

For Tricentis Authentication Service, configure the following properties:

Property	Description
Port	Enter the port used to address Tricentis Authentication Service. The default port is 5000.
Certificate Thumbprint (Https service)	Enter the thumbprint for the SSL certificate. For detailed information on security requirements, see chapter "Security requirements".
Certificate Location (Https Service)	Select the location of the SSL certificate.
Certificate Store (Https Service)	Select the store in which the SSL certificate is located.
Certificate Thumbprint (Token Signatures)	Enter the thumbprint for the token signing certificate. For more information, see chapter "Token Sign Certificate".
Certificate Store	Select the store in which the certificate is located.
User Storage Database	The default SQLite database path is %PROGRAMDATA%\TRICENTIS\IdentityManagement\UserStore.db. You can specify a different database in one of the following ways: Enter a different SQLite database path. Select a MSSQL or PostgresSQL database from the drop-down menu and enter the corresponding path. If you change the database, your data is not migrated automatically. You need to perform the migration manually.
Configuration Database	The default SQLite database path is %PROGRAMDATA%\TRICENTIS\IdentityManagement\ConfigurationStore.db. You can specify a different database in one of the following ways: Enter a different SQLite database path. Select a MSSQL or PostgresSQL database from the drop-down menu and enter the corresponding path. If you change the database, your data is not migrated automatically. You need to perform the migration manually.
Operational Database	The default SQLite database path is %PROGRAMDATA%\TRICENTIS\IdentityManagement\OperationalStore.db. You can specify a different database in one of the following ways: Enter a different SQLite database path. Select a MSSQL or PostgresSQL database from the drop-down menu and enter the corresponding path. If you change the database, your data is not migrated automatically. You need to perform the migration manually.
Regex for custom password policy	Define a custom password policy for locally created users with a regular expression. The default value for the regular expression is .{8,}. This means that the password must contain at least 8 characters. If you want to use your own regular expression, you can change the default value.
Maximum number of failed login attempts before account is locked	Define the number of failed login attempts before an account is locked. The default value is 5.
Account lockout duration in hours	Define the number of hours a locked-out account remains locked out before it is unlocked. The default value is 0.
Number of unique passwords before re-use	Specify the number of unique passwords a user must use before reusing an old password. The default value is 10.
Password expiration period (days)	Specify the number of days a password can be used before it expires and has to be changed. The default value is 0 days, meaning that the password is valid indefinitely. If you don't change the password within the specified expiration period, your account will be locked.
Audit Enable Audit	To enable audit logs that track user activity in Tricentis User Administration, enable the Enable Audit checkbox. The checkbox is disabled by default.
File File path for Audit logs	If you enable the property Audit, you can log the user activity to an audit log file. To do so, specify the path to the directory where you want to save audit log files. The default file path for audit logs is %PROGRAMDATA%\TRICENTIS\Audit\AuthenticationService\AuthenticationService_Audit_.csv.
Splunk Full endpoint	If you enable the property Audit, you can log the user activity into the Splunk logging platform. To do so, specify the endpoint address of Splunk. For example: http://localhost:6000/splunk. For more information about Splunk, see the Splunk documentation.
Event Collector Token (ECT)	Specify the token used to authenticate the event data.

If the password expiration period expires, you have to reset your password and additionally configure the mail settings. Note that you cannot use the default Admin user to reset the password, as it does not have a valid email address. Ensure that you set up an alternative admin account before you configure this property.

Configure Tosca Administration Console

The Tosca Administration Console enables you to migrate your Tricentis Tosca projects.

For Tosca Administration Console, configure the following properties:

Property	Description
Administration Console Port	Enter the port to access the Tosca Administration Console. The default port is 5010.
Migration Service Port	Enter the port to access the Migration Service of the Administration Console. The default port is 5011.
Certificate Thumbprint	Enter the thumbprint for the SSL certificate. For detailed information on security requirements, see chapter "Security requirements".
Certificate Location	Specify the location of the SSL certificate.
Certificate Store	Specify the store in which the SSL certificate is located.

Note that the values specified for the properties Certificate Thumbprint, Certificate Location, and Certificate Store will be used by both Tosca Administration Console and Tricentis Migration Service.

Configure Tricentis File Service

Tricentis File Service stores execution logs and common repository attachments as files.

For Tricentis File Service, configure the following properties:

Property	Description
Storage Directory Path	Specify the path to the directory where you want to store the files.
Port	Enter the port used to address Tricentis File Service.
Log Path	Specify the path to the directory where you want to save the log files.
Log Level	Specify the level of logging to write in the log files: Error messages, File modifications, All file service communication.
Certificate Thumbprint	Enter the thumbprint for the SSL certificate. For detailed information on security requirements, see chapter "Security requirements".
Certificate Location	Select the location of the SSL certificate.
Certificate Store	Select the store in which the SSL certificate is located.
Enable Security	Select the Enable Security check box to activate authentication for the File Service via Tricentis User Administration. Note that this works only for workspaces that you create with a Tricentis Server Repository.

Configure Tricentis Automation Object Service

The Automation Object Service (AOS) is a central element of the distribution architecture if you install Distributed Execution with AOS.

For Automation Object Service, configure the following properties:

Property	Description
Distribution Server Address	Specify the address of the Tosca Distribution Server. The default address is http://localhost.
Workspace Folder	Specify the folder where the workspace configured for the Automation Object Service is located. The default folder is %TRICENTIS_PROJECTS%Tosca_Workspaces.
Workspace Name/ID	Enter the name of the workspace.
Username	Enter the username to access the workspace.
Password	Enter the password to access the workspace.
Log Level	Select the log level.
Logfile Location	Specify the location of the logfile.
Log Requests	Select whether the log should include requests.
Log Errors	Select whether the log should include errors.
Include Scope	Select whether the log should include scope.
Port	Enter the port used to address Tricentis Automation Object Service. The default port is 5006.
Certificate Thumbprint	Enter the thumbprint for the SSL certificate. For more information on security requirements, see chapter "Security requirements".
Certificate Location	Select the location where the SSL certificate is found on the computer.
Certificate Store	Select the store where the SSL certificate is located on the computer.
Maximum Parallel Workspaces	Specify the maximum number of workspaces that the Automation Object Service can work with in parallel.
Distribution Server Call Timeout (ms)	Specify the timeout of retrieving the test results from the Tosca Distribution Server. The default timeout is 30,000 ms. If this timeout expires and there is no response from the Tosca Distribution Server, the Automation Object Service abandons the request and logs an error.

Configure Tricentis Test Data Service

For Tricentis Test Data Service, configure the following properties:

Property	Description
Port	Enter the port used to address Tricentis Test Data Service. The default port is 5001.
Certificate Thumbprint	Enter the thumbprint for the SSL certificate. For detailed information on security requirements, see chapter "Security requirements".
Certificate Location	Select the location of the SSL certificate.
Certificate Store	Select the store in which the SSL certificate is located.
Enable Security	Select the Enable Security check box to activate authentication for the Test Data Service via Tricentis User Administration.

Configure Tricentis Mail Configuration

Once you have configured Tricentis Authentication Service, configure the SMTP (Simple Mail Transfer Protocol) server to send emails from the Tricentis User Administration.

For Tricentis Mail Configuration, configure the following properties:

Property	Description
SMTP Mail Server Address	Specify your SMTP mail server address.
Port	Enter the associated SMTP Host Port.
Username	Specify the username of the SMTP server.
Password	Specify the password.
Sender Name	Specify the name of the sender.
Sender Email	Specify the email address to send emails from.
Send test email to	Specify the email address that you want to send a test email to and click Test.

What's next

If you have specified an HTTPS binding for the Tricentis Tosca Server, make the necessary modifications in the IIS Manager as described in chapter "Use Tosca Server with an HTTPS binding".