Sign in

Installing the Agent Service

March 10, 2026 04:29 AM
5 min read

This tier of the installation is disabled by default. It is necessary to install the Agent Service if you plan to use either Vault Replication or the Conversion Server.

The Agent Service is a Windows Service designed to handle other add-on services such as Conversion Server and Vault Replication. It works by actively listening to http/https requests from Aras Innovator Server on a dedicated port.

The Aras Agent Service may be installed on a different server than the Aras Innovator Server. If installing on the same machine as Aras Innovator, you should run the ChangeGUID.exe file on the Installer as described in section Modify, Repair, or Remove to avoid conflicts in current Aras Innovator installation. The Agent Service application should be installed to a separate physical directory.

Note
The following instructions assume that the Agent Service is being installed on the same machine as Aras Innovator Server.

  1. When prompted for the installation directory, click Change and select a new directory, for example: C:\ProgramFiles (x86)\Aras\AgentService\

    Figure 36.

  2. When selecting setup, choose Custom and then select only the Agent Service to install.

    Figure 37.

  3. Specify the host name, port number as follows: <ServerName>:<PortNumber>.
  4. The Agent Service alias is a unique identifier for the Windows service name. The Full name is ArasInnovatorAgent_<alias>. The displayed name is Aras Innovator Agent (<alias>).

Figure 38.

Note
The Agent Service can only be installed on a free port.

  1. Specify the connection URL for the Aras Innovator Server as follows: <Protocol>://<ServerName>/<WebAlias>/Server/InnovatorServer.aspx

    Figure 39.

    1. Application Server URL: since the Agent Service is not a standalone application and is useful only along with the Aras Innovator Server, this field allows you to specify the Application Server URL for the instance of Aras Innovator you are going to use with this Agent Service. The Application Server URL is of the following format:

      http://<servername>/<web_alias>/Server/InnovatorServer.aspx

      where:

      • <servername> is the name of the server where the Aras Innovator Server is running. For example, if it is running on the local machine, the server is localhost
      • <web_alias> is the name of the Aras Innovator Server Virtual Directory and consequently the name that is used to access the Aras Innovator Server. This is the same Web Alias that you specified earlier in section Server Web Alias Setup.

    A best practice for a standard install is:

    http://localhost/$[HTTP_PATH_SERVER]/Server/innovatorserver.aspx

  1. Copy the Agent Service Tag generated by the installer and save it to be added to the InnovatorServerConfig.xml in the root directory of the main Aras Innovator installation.

Figure 40.

  1. Configure OAuth Certificates.

    Figure 41.

    • Password for OAuth Certificates: Enter the password to protect the private keys of certificates. The password can only contain alphanumerical symbols (a-z, A-Z, 0-9) and any of the standard printable ASCII characters (:_#$%&<> and others). The password cannot contain spaces.

    • Local Path for Certificates Folder: the full local path to the OAuth Certificate folder or to a copy of this folder where OAuth certificates were generated during the separate installation of the OAuth Server. The certificate folder should contain all the necessary certificates.

      You may check Configure OAuth components later manually and continue with the installation. This will require changing the OAuth.config files and deploying certificates manually.

  2. Click Next.

  3. Click Install to complete the installation.

    Figure 42.

  4. After the Agent Service is installed, go to the Aras Innovator Server installation and add Agent Service tag, as copied from step 6 the into the InnovatorServerConfig.xml to specify the location of the Agent Service:

    <AgentService InnovatorToServiceAddress="http://localhost:8734/” />

Installing the Agent Service as https

To use the Agent Service as an https service, you must configure the SSL certificate to be bound to an HTTPS endpoint in the default Kestrel configuration section. The “Certificate” subsection in the Kestrel HTTPS Endpoints configuration section is used for the certificate configuration from the file or from the certificate store.

Note
Refer to the following link for additional info:

https://docs.microsoft.com/en-us/aspnet/core/fundamentals/servers/kestrel?view=aspnetcore-3.1#listenoptionsusehttps

Using the certificate from the file

To use the certificate from the file it is necessary to specify the path to the certificate file and the certificate password in the “Certificate” subsection:

“Kestrel": {

“Endpoints": {

“HTTPS”: {

“Url": “https://0.0.0.0:8735/",

“Certificate”: {

“Path”: “SSLCertificate.pfx”,

“Password”: “password

}

}

}

}

  • Path: a path to a file with a private SSL certificate generated for the current machine.
  • Password: a password for the private SSL certificate.
Note
Passwords for certificates should be encrypted to increase security. Agent service configuration supports passwords encrypted using the public RsaCrypt.exe tool that can be found on the CD Image.

Using RSACrypt

The RSACrypt utility enables the encryption and decryption of different text values including XML configuration files.

Usage:

RsaCrypt.exe [-c {key container name}] [-m] [-d] [-w] [-t {content}] file x-path x-path x-path...

where:

  • []: they are used for optional arguments
  • -c (key container name): a Key container name used in keys storage.
  • -m: it uses machine key storage.
  • -d: it decrypts values using the x-path in an xml file.
  • -nw: the utility will finish without the additional confirmation of pressing the Enter key (press <Enter> to exit).
  • -t {content}: it provides the content for encryption or decryption. Required parameters are ignored.
  • file: the full path to an xml file.
  • x-path: an x-path used to decrypt or encrypt xml-file values.

Using the certificate from the certificate store

To use the certificate from the certificate store it is necessary to import .pfx certificate in the store and configure the Certificate subsection as in the following example:

“Kestrel": {

“Endpoints": {

“HTTPS”: {

“Url": “https://0.0.0.0:8735/",

“Certificate”: {

“Subject”: “subject”,

“Store”: “TrustedPublisher”,

“Location”: “LocalMachine”,

“AllowInvalid”: false

}

}

}

}

  • Subject: The subject name for the certificate to load. Parameter is required.
  • Store: The certificate store to load the certificate from. Parameter is required.
  • Location: The store location to load the certificate from. Default is CurrentUser.
  • AllowInvalid: Indicates if invalid certificates should be considered, such as self-signed certificates. Default is false.