Configure services via Service Configuration
This chapter covers the configuration process for services that are part of Tricentis Tosca Server features.
Modify service settings
You can modify your service settings. However, Tricentis recommends that you do not.
The default value for the secret key ClientSecret of each service is <to be generated>. After starting the Tricentis Service Configuration, the ClientSecret is automatically generated. It is associated with your ClientId.
You can access it through the appsettings.json file. By default, this file is located at each services’ directory at C:\Program Files (x86)\TRICENTIS\Tosca Server\.
Each service uses the same ClientSecret in each appsettings.json file of all services.
Access Tricentis Service Configuration
Tricentis Service Configuration opens automatically if you have selected to open the settings page in the final screen of the Tosca Server installation.
To start Service Configuration manually, access the Tosca Server Landing Page and click on Settings.
|
You can only configure services on the machine on which you've installed the services. You can't access Service Configuration from another machine. |
Specify admin access
To configure services, you need admin access rights.
If you started Tricentis Service Configuration as a non-admin user, Tricentis Service Configuration starts with the User Account Control (UAC) window.
To enable admin mode, click Yes.
Configure services with Tricentis Service Configuration
To configure the services, follow the steps below:
-
In Tricentis Service Configuration, click the tab of the service that you want to configure.
-
Populate the configuration property fields. For information on which properties you have to configure for which service, see the following sections:
-
Tosca Gateway, which contains the Tosca Server Landing Page and Tosca Service Discovery
-
-
Repeat the steps above for all services that you want to configure. Tricentis Service Configuration marks all updated service tabs with an asterisk.
-
Click Save. This saves all changes; you don't have to save each service individually.
You can't save if you have entered an invalid property value. Tricentis Service Configuration displays an orange exclamation mark on the service tab with the invalid property value.
-
Click OK to confirm the restart of all Tricentis Services.
If a service can't restart, you can check your log files by clicking on View Logs next to the service.
Configure Tosca Gateway Service
The Tosca Gateway, which includes the Tosca Server Landing Page, allows you to access all server features through a single web interface.
For the Tosca Gateway, configure the following HTTPS settings:
|
Property |
Description |
|---|---|
| Hostname |
Specify the name of the host with which you connect to the service. The default host name is localhost. If you specify a token signing certificate, the host name is automatically updated to the common name (CN). The common name is specified in the certificate's subject name property, located in the certificate store on your computer. If necessary, you can still change the host name. To do so, click into the Hostname property field and enter the name of the host. If you use a proxy server and don't use the default host name localhost, you have to perform one of the following actions:
|
|
Port |
Enter the port used to address Tosca Gateway. The default port is 443. |
|
Certificate Thumbprint |
Enter the thumbprint for the SSL certificate. |
|
Certificate Location |
Select the location of the SSL certificate. |
|
Certificate Store |
Select the store in which the SSL certificate is located. |
Configure Tricentis Project Service
The
For
|
Property |
Description |
|---|---|
|
Port |
Enter the port used to address |
Configure Tricentis Authentication Service
To use the server-based
For
|
Property |
Description |
|---|---|
|
Port |
Enter the port used to address |
|
Enter the thumbprint for the token signing certificate. For more information, see chapter "Token sign certificate". |
|
|
Certificate Location (Token Signatures) |
Select the location of the token signing certificate. |
|
Certificate Store (Token Signatures) |
Select the store in which the token signing certificate is located. |
|
User Storage Database |
The default SQLite database path is %PROGRAMDATA%\TRICENTIS\IdentityManagement\UserStore.db. You can specify a different database in one of the following ways:
If you change the database, your data is not migrated automatically. You need to perform the migration manually. |
|
Configuration Database |
The default SQLite database path is %PROGRAMDATA%\TRICENTIS\IdentityManagement\ConfigurationStore.db. You can specify a different database in one of the following ways:
If you change the database, your data is not migrated automatically. You need to perform the migration manually. |
|
Operational Database |
The default SQLite database path is %PROGRAMDATA%\TRICENTIS\IdentityManagement\OperationalStore.db. You can specify a different database in one of the following ways:
If you change the database, your data is not migrated automatically. You need to perform the migration manually. |
|
Regex for custom password policy |
Define a custom password policy for locally created users with a regular expression. The default value for the regular expression is .{8,}. This means that the password must contain at least 8 characters. If you want to use your own regular expression, you can change the default value. |
|
Maximum number of failed login attempts before account is locked |
Define the number of failed login attempts before an account is locked. The default value is 5. |
|
Account lockout duration in hours |
Define the number of hours a locked-out account remains locked out before it is unlocked. The default value is 0. |
|
Number of unique passwords before re-use |
Specify the number of unique passwords a user must use before reusing an old password. The default value is 10. |
|
Password expiration period (days) |
Specify the number of days a password can be used before it expires and has to be changed. The default value is 0 days, meaning that the password is valid indefinitely. If you don't change the password within the specified expiration period, your account will be locked. |
|
Audit Enable Audit |
To enable audit logs that track user activity in |
|
File File path for Audit logs |
If you enable the property Audit, you can log the user activity to an audit log file. To do so, specify the path to the directory where you want to save audit log files. The default file path for audit logs is %PROGRAMDATA%\TRICENTIS\Audit\AuthenticationService\AuthenticationService_Audit_.csv. |
|
Splunk Full endpoint |
If you enable the property Audit, you can log the user activity into the Splunk logging platform. To do so, specify the endpoint address of Splunk. For example: http://localhost:6000/splunk. For more information about Splunk, see the Splunk documentation. |
|
Event Collector Token (ECT) |
Specify the token used to authenticate the event data. |
|
|
If the password expiration period expires, you have to reset your password and additionally configure the mail settings. Note that you cannot use the default Admin user to reset the password, as it does not have a valid email address. Ensure that you set up an alternative admin account before you configure this property. |
Audit file content
If you have enabled audits, the following events are captured in the audit log file:
-
User Events (regular users and admin users):
|
Category |
Events |
|---|---|
|
Managing users |
Log-in/Log-out, locked-out user, failed log-ins, create a new personal access token for an existing user, delete an existing personal access token, reset password, update user (change password, rename user) |
-
Administrator Events (admin users):
|
Category |
Events |
|---|---|
|
Managing users |
Register user, invite user, activate user, deactivate user, remove user |
|
Manage Groups |
Create group, delete group, add group to group, add user to group, update group |
|
Manage Connections |
Create a new LDAP connection, delete LDAP connection, update LDAP connection |
|
Settings |
Enable SSO, update SSO connection (metadata file, address, set name) |
Configure Tosca Administration Console
The Tosca Administration Console enables you to migrate your Tricentis Tosca projects.
For Tosca Administration Console, configure the following properties:
|
Property |
Description |
|---|---|
|
Administration Console Port |
Enter the port to access the Tosca Administration Console. The default port is 5010. |
|
Migration Service Port |
Enter the port to access the |
Configure Tricentis File Service
Tricentis File Service stores execution logs and common repository attachments.
|
|
You can only configure this service in the Tricentis Service Configuration if you have enabled it in the Windows Services app (see step 2 in the Tosca Server setup overview). |
For Tricentis File Service, configure the following properties:
|
Property |
Description |
|---|---|
|
Storage Directory Path |
Specify the path to the directory where you want to store the files. |
|
Port |
Enter the port used to address Tricentis File Service. The default port is 5005. |
|
Log Path |
Specify the path to the directory where you want to save the log files. |
|
Log Level |
Specify the level of logging to write in the log files: Error messages, Modifications, All service communication. |
|
Enable Authentication |
If you enable this feature, Tricentis File Service checks in Note: the user authorization check is only available in Tricentis Server Repository workspaces. |
Configure Automation Object Service
The Automation Object Service (AOS) is a central element of the distribution architecture if you use Distributed Execution with AOS or Elastic Execution Grid.
You can configure the following properties in the Automation Object Service tab:
|
Property |
Description |
||
|---|---|---|---|
|
Assigned Workspaces section |
|||
|
Workspace Folder |
Specify the folder that contains the workspace configured for the Automation Object Service. The default folder is %TRICENTIS_PROJECTS%Tosca_Workspaces. |
||
|
Maximum Parallel Workspaces |
Specify the maximum number of workspaces that the Automation Object Service can work with in parallel. The default value is 10.
|
||
|
Workspace Root Name |
Enter the root name of the AOS workspace. |
||
|
Username |
Enter the username to access the workspace. |
||
|
Password |
Enter the password to access the workspace. |
||
|
Distributed Execution |
Use the toggle to enable or disable Distributed Execution as one of the execution environments for the Automation Object Service. The following Distributed Execution settings are only available if the switch is On. |
||
|
Distribution Server Address |
Specify the address of the Tosca Distribution Server. The default address is http://localhost:5007. |
||
|
Distribution Server Call Timeout (ms) |
Specify the timeout of retrieving the test results from the Tosca Distribution Server. The default timeout is 30,000 ms. If this timeout expires and there is no response from the Tosca Distribution Server, the Automation Object Service abandons the request and logs an error. |
||
|
Elastic Execution Grid integration The settings below only apply if you want to integrate Tricentis Tosca with Elastic Execution Grid via Automation Object Service.
|
|||
|
Elastic Execution Grid |
Use the toggle to enable or disable Elastic Execution Grid as one of the execution environments for the Automation Object Service. The following Elastic Execution Grid settings are only available if the switch is On. |
||
|
Elastic Execution Grid URL |
Enter https://<network address of your cloud instance>/<space name>. Replace <space name> with one of the following:
For instance, https://examplecompany.my.tricentis.com/default. |
||
|
Client ID |
This field contains the Client ID of your cloud authorization. It's prefilled; you don't need to change the value. |
||
|
Client Secret |
Enter the Client Secret of the Okta application Tosca Server (see chapter "Set up the integration via Automation Object Service"). |
||
|
HTTPS Settings (optional) section |
|||
|
Port |
Enter the port used to address the Automation Object Service. The default port is 5006. |
||
|
Logging (optional) section |
|||
|
Log Path |
Specify the complete path of the log file, including file name and extension. |
||
|
Log Level |
Select the log level of the AOS log:
|
||
You must update the Consul and Ocelot configuration files if you perform any changes to the default port or endpoint address of the
Update the Consul configuration file
Update the following property values in the Consul configuration file of the service. This file is located at C:\Program Files (x86)\TRICENTIS\Tosca Server\Gateway\Consul\config\AutomationObjectService.json:
|
Property |
Description |
|---|---|
|
port |
Enter the port used to address the |
|
http |
Enter the complete address, including port, used by the |
Update the Ocelot configuration file
To update the Ocelot configuration file of the
-
Open the ocelot.json file which is located at C:\Program Files (x86)\TRICENTIS\Tosca Server\Gateway.
-
Search for
-
Update the values of the following properties in
|
Property |
Description |
|---|---|
|
DownstreamScheme |
Enter either http or https depending on the binding you chose. |
|
Port |
Enter the |
Apply the changes
Restart the following services to apply the changes:
-
Tricentis.ToscaAutomationObjectService
-
Tricentis.GatewayService
-
ConsulService
Configure Tricentis Test Data Service
For
|
Property |
Description |
|---|---|
|
Port |
Enter the port used to address |
|
Enable Authentication |
Select the Enable Authentication check box to activate authentication for the Test Data Service via |
|
Enable Diagnostics |
Select the Enable Diagnostics check box to send anonymous usage data to Tricentis. |
Configure Tricentis Mail Configuration
Once you have configured
For
|
Property |
Description |
|---|---|
|
SMTP Mail Server Address |
Specify your SMTP mail server address. |
|
Port |
Enter the associated SMTP Host Port. The default port is 587. |
|
Username |
Specify the username of the SMTP server. |
|
Password |
Specify the password. |
|
Sender Name |
Specify the name of the sender. |
|
Sender Email |
Specify the email address to send emails from. |
|
Send test email to |
Specify the email address that you want to send a test email to and click Test. |
Configure Tricentis Notification Service
Tricentis Notification Service is the data interface between Tricentis Tosca and other applications. It is a vital component if you integrate Tricentis Tosca with qTest or SAP Solution Manager.
|
|
You can only configure this service in the Tricentis Service Configuration if you have enabled it in the Windows Services app (see step 2 in the Tosca Server setup overview). |
For Tricentis Notification Service, configure the following properties:
|
Property |
Description |
|---|---|
|
Port |
Default port used by Notification Service behind the Gateway proxy. You can specify a different port if needed. |
|
Enable Authentication |
If you enable this feature, Notification Service checks in Note: the user authorization check is only available in Tricentis Server Repository workspaces. |
|
Database section |
|
|
Database Connection String |
Enter a valid connection string to your Notification Service database. |
|
Logging section |
|
|
Log Path |
Enter the path to the directory where you want to save the log files. |
|
Log Level |
Define the log level: Error messages, Modifications, or All service communication. |
|
SAP Solution Manager Integration section (optional) |
|
|
Enabled |
Select the check box to enable the SAP Solution Manager integration. |
|
qTest Integration section (optional) |
|
|
Enabled |
Select the check box to enable the qTest integration. |
|
qTest URL |
Enter the URL to your qTest instance. |
|
API Key |
Enter your qTest API key. To get the API key, open qTest and click |
Configure Tosca License Administration
Tosca License Administration allows you to monitor and manage one or more on-premise license servers.
For Tosca License Administration, configure the following property:
|
Property |
Description |
|---|---|
|
Port |
Enter the port used to address Tosca License Administration. The default port is 5030. |
What's next
If you have specified an HTTPS binding for the Tricentis Tosca Server, make the necessary modifications as described in see chapter "Use Tosca Server with an HTTPS binding".