Plan for worker installation

In zervicepoint terms, the "Worker" is a summary of the zervicepoint systems Client Web Service, Provisioning System and Provisioning Inventory System installed on a server in a on-premises environment.

List of prerequisites for Zervicepoint Worker

  • Windows Server (2012/2016/2019)
  • Service Account(s)
  • DNS entry for ClientWebService
  • Certificate for ClientWebService

OS requirements

  • Windows Server 2012 R2 x64
    • Standard or Enterprise
  • Windows Server 2016 (Recommended)
    • Standard or Datacenter
  • Windows Server 2019
    • Standard or Datacenter

Windows Features requirements

The following Windows features should be installed on the server:

This is for Server 2016/2019. Run the command below in Powershell with Administrative rights

Add-WindowsFeature -Name @(

Service Accounts

You can use either a local or domain service account. We recommend using a domain service account in order to easily authenticate with Active Directory.

The service account for ClientWebService should have "read" related permissions to systems it integrates with, while the ProvisioningSystem service should have read/write.

for Client Web Service

  • Local or domain account (i.e svc-zp-cws)
  • Permissions
    • Log on as service on the worker server
    • Full control permissions to client web service data signing certificate

for Provisioning System service

  • Local or domain account (i.e svc-zp-ps)
  • Permissions
    • Local Administrator


Allow the following network traffic

Protocol Origin Destination Port
TCP Worker server 443, 9900, 20000, 30000
TCP Client Worker server 443
TCP Client 443, 20000

Verify that the customer clients and servers are able to access the Zervicepoint cloud environment

  • The server has internet access
  • The ports above has been configured
  • No proxy is blocking the clients and servers from reaching Zervicepoint cloud environment

Client web service

What is Client Web Service?

DNS record

  • A DNS host (A/AAAA) record that points to the worker server, i.e.

Web certificate

Client web service communication certificate (SSL/TLS certificate)

  • Used by Client Web Service for encrypting communication (https)
  • Should have same common name as the DNS record for the worker server. (i.e

This certificate must be installed in the Local Machine personal folder on the worker server prior to the installation.

Configure Client Web Service URL

At first, your client web service URL will need to be updated in the zervicepoint administration portal.

Log in to the portal, open Administration, click edit store and then the tab Worker Authentication and add

  1. Client web service url https://<>:443/ProviderService.svc/CallProvider
  2. Ensure Authentication method is assigned to Key.
  3. Save settings.