Airlock as a Service Knowledge Base

Custom domain

By default, tenant IAMs are accessible through the platform domain airlock.cloud. To use a custom domain for the tenant applications (Loginapp, Adminapp, and Transaction Approval), you must both enable custom domains in the Airlock Console and update the tenant IAM configuration in the saas.yaml file. This page describes how to enable custom domains. For details about the required tenant IAM configuration, see ALSAASPM-N-177.

Configure a custom domain to make tenant applications accessible through a domain that you own. Custom domains can be configured independently for the following applications:

  • Loginapp

  • Adminapp

  • Transaction Approval

Notice

  • A custom domain cannot be configured while mTLS is enabled.

  • Although a custom domain can be configured for the Adminapp, the application is not directly accessible. Access requires a valid SSO ticket and a supporting IAM configuration.


Accessing the Custom Domain settings

  1. In the Airlock Console, go to:
    Configuration >> Custom domain

  2. Select the tab for the application you want to configure (Loginapp, Adminapp, or Transaction Approval).

  3. Select Custom domain.

  4. Create the DNS records shown on the page.

  5. Once the DNS records are active, enter the domain name and click Save.

Notice

Custom domain settings take effect immediately. No further activation is required.


DNS verification

When you configure a custom domain, the platform performs a DNS verification. Before the change is applied, the result of the verification is displayed in the confirmation dialog.

If the required DNS records cannot be found or are configured incorrectly, a DNS verification failed warning is displayed:


DNS records

To use a custom domain, you must configure the required DNS records for the domain.


ACME Record

The ACME record is used to verify ownership of the domain and to enable automatic issuance and renewal of TLS certificates through the ACME protocol.


Record type

CNAME

TTL

86400

Host

_acme-challenge.<your-custom-domain>

Target

_acme-challenge.<your-custom-domain>.acme.airlock.cloud


Custom domain record

This record maps your domain to the target domain provided by Airlock.


Record type

CNAME

TTL

86400

Host

<your-custom-domain>

Target

custom.ch-1.airlock.cloud