Configure access parameters for an application
How to manage access to your applications.
You will see a DRAFT VERSION next to the application name, till you deploy the application.
- Log in to the Enterprise Application Access (EAA) Management Portal.
- From the top menu bar, click Applications. The application cards appear.
Click the application card for
the application you want to configure.
The application information appears.
- Click .
The Application Server
IP/FQDN type is prepopulated based on the Application Profile.
In the first Application Server IP/FQDN field select one of these:
https .(default) Select this option for secure web traffic.
Verify Origin Server Certificate. (on-by-default) Allows you to do the origin server certificate validation. (recommended). Also select a root CA certificate.
ROOT CA Certificate. Choose the root CA certificate with the full bundle you uploaded into EAA. See Upload a ROOT CA certificate for origin server validation.
Note: If you choose https, but disable Verify Origin Server Certificate, you will see a warning message:
Note: If you enable Verify Origin Server Certificate and do not upload a ROOT CA Certificate, you see a warning message:
http. Select this option if you want http traffic.
In the second Application Server
IP/FQDN field, enter either a valid internal IP address for the
server or the fully qualified domain name (FQDN) that you use to access this
server when inside your company’s network.
Note: If you are doing origin server certificate validation, you must provide an FQDN for the Application server. It cannot be done with an IP address of the app server.
In the third Application Server
IP/FQDN field, enter an IP port number.
Note: For HTTPS, IP port 443 is default. If your application doesn’t normally redirect you to the login page, you may need to include a suffix (for example, /login) in the third field.
- To configure multiple applications servers for load balancing, click Add More. EAA supports various load balancing techniques including round-robin, session or cookie stickiness, and source IP hash.
- If you are configuring a VNC application, optionally enter a VNC passphrase or password, if your server is configured to allow access via VNC.
Select a External Host
Name domain type, then enter an external host name for the
- If you select Use Akamai domain, you don't need to configure certificates.
- In our example, the
complete external URL to access this application is
https://eaa-acme-app.go.akamai-access.com. If you are using the Akamai domain akamai-access.com, you don’t need to configure certificates or your external DNS.
- If you select Use your domain, specify a certificate for the domain and setup a CNAME redirect. See Add a certificate to EAA, Associate a certificate for using your own domain for your application and Set up a CNAME redirect for an application.
Select the Akamai Cloud Zone
located closest to the data center where your application server resides.
Associate a connector with the application. Click Add/Remove
connector and select a connector to associate with the
application, such as the VMware connector.
- Click Done.
To add more connectors, click Add/Remove connector.
Note: EAA recommends more than one connector for high-availability and load balancing.
Click Save and go to
The Authentication tab opens.
- If you are a first time user following the Quick start guide, leave this procedure and continue with Step 4: Configure an authentication source.
- If using EAA as the SAML identity provider, see Configure EAA as the IdP for a custom SaaS application.
- If using a third party IdP, see Assign identity providers to an application .
Click Save and go to
The Service tab opens. If you want to configure these optional services, see Set up services for an application.
Click Save and go to Advanced
The Advanced Settings tab opens. If you want to configure these optional advanced settings, see Set up advanced settings for an application.
- If you are using SAML as the Application-facing authentication mechanism, click Save & Go To SAML Settings. For more information, see EAA as the SAML identity provider.
- Click Save and go to deployment. The deployment tab opens.
- If all required information for the application is configured, the application is ready for deployment. Click Deploy Application. To learn more see Deploy the application.