# Test Manager config file encryption > Test Manager runs certificate-based encryption to secure the configuration files. You can manually encrypt and decrypt the config files using `testmanager.exe`, as part of Test Manager Provisioning Tool. You can find the tool in the default Test Manager installation location, as follows: `C:\Program Files (x86)\UiPath\TestManager\Tools\TestManagerProvisioner`. Alternatively, you can find it in your custom installation folder. Test Manager runs certificate-based encryption to secure the configuration files. You can manually encrypt and decrypt the config files using `testmanager.exe`, as part of Test Manager Provisioning Tool. You can find the tool in the default Test Manager installation location, as follows: `C:\Program Files (x86)\UiPath\TestManager\Tools\TestManagerProvisioner`. Alternatively, you can find it in your custom installation folder. To start using the Test Manager Provisioning Tool to encrypt your configuration files, download and install the [UiPath Test Manager installation package](https://download.uipath.com/UiPathTestManager.msi) on your machine. :::note * For Test Manager versions older than 20.10.4, you need to decrypt the configuration file using the obfuscator (deprecated) command, before encrypting it through the new method. * The commands are case sensitive. * Once encrypted, the values cannot be changed by editing the `appsettings.production.json` file. You need to decrypt and then re-encrypt. ::: ## Prerequisites * The encryption process overwrites current configurations. Ensure you back up the `appsettings.production.json` file before proceeding. You can find the file in `C:\Program Files (x86)\UiPath\Test Manager\` * Open the `appsettings.production.json` file to configure the `SigningCredentialSettings`. If this section is missing, you need to add it to the file. Make sure that the private key is accessible by the user that runs the Test Manager instance, either through the Application Pool Identity, or the user you have specified during installation. ``` "SigningCredentialSettings": { "StoreLocation": { "Name": "66B6B5A95BD055C8A264E643F9F8B26C7BEAA841", "Location": "LocalMachine", "NameType": "Thumbprint" } } ``` `Name`: The Thumbprint of your certificate. Keep an eye on the `Name` object when pasting the Thumbprint value, as it is similar to `NameType` and it might create confusion. We recommend using the default values for `Location` and `NameType`. Save the file after you have pasted the value in the `SigningCredentialSettings` object.