Certificate Manager

Certificate Manager allows to upload the application domain SSL certificate. This certificate is required to configure URL Alias for members to access the applications.

Uploading Domain SSL Certificates

Note - A domain-validated certificate (DV) is an X.509 digital certificate used for Transport Layer Security (TLS). The domain name of the applicant is validated by providing control over a DNS domain.

  1. Access the Harmony SASE Administrator Portal and click SettingsCertification Manager.

  2. Click Upload Certificate.

    The Upload Certificate window appears.

  3. Enter these:

    1. Certificate name

    2. Certificate body

    3. Certificate private key

    4. Certificate chain

  4. Click Validate to ensure this certificate is correct.

  5. Click Apply.

URL Aliasing for Zero-Trust Applications on Harmony SASE

URL aliasing enables Zero-Trust Applications on the Harmony SASE platform to utilize a custom URL instead of the default FQDN assigned upon creation. This feature is essential for applications that establish connections from a trusted customer domain rather than the default Harmony Zero-Trust Application domain (pzero.perimeter81.com). It is used to authenticate the accessed resource through the company’s domain and help troubleshoot security blocks, such as CORS issues when web servers require connections from a trusted Domain-Validated SSL certificate.

To define a URL Alias, do these:

  1. Access the Harmony SASE Administrator Portal.

  2. Go to Private Access > Applications.

  3. Find or set up the application you wish to alias.

    Note - The Zero Trust Application’s FQDN is allocated in the Harmony SASE Administrator Portal only after you save your application’s settings.

  4. Once the application setting is saved, in the FQDN field, click to copy the FQDN.

  5. Go to your public DNS server (example: GoDaddy or Route53), define a CNAME record for a validated domain to point to the copied FQDN.

  6. Go back to the Harmony SASE Administrator Portal, go to the URL Alias section, and turn on the URL Alias toggle button.

  7. In the External Domain (CNAME) field, enter the CNAME associated with your domain.

  8. From the SSL Certificate list, select the certificate.

  9. If your security mechanisms require the connection to originate from a specific host for successful webpage:

  10. Go to the Custom HTTP Headers section.

  11. In the Name field, enter Host.

  12. In the Value field, enter the configured CNAME.