IT Checklist
Add Amazon Root CA 1 to the trusted repository
Whitelisting main Browzwear Cloud License Manager server
accounts.browzwear.com
license.stylezone.com (Default, must be in the list)
license.stylezone.cn (China Specific)
Whitelisting regional Browzwear Cloud License Manager servers
Wildcards are preferred as these will cover future regions
*.stylezone.com
*.browzwear.com
*.stylezone.cn
*.browzwear.cn
If Wildcards are not possible, add current regions:
us-east-1-license.stylezone.com
eu-west-1-license.stylezone.com
ap-southeast-1-license.stylezone.com
license.stylezone.cn
Whitelisting Browzwear Application services
Wildcards are preferred as these will cover future services
*.browzwear.com
If Wildcards are not possible, add:
config.prd01.prod.browzwear.com (application configuration)
dpc.prd01.prod.browzwear.com (auto stitch)
libraries.browzwear.com (asset library)
api.browzwear.com (integrated search)
help.browzwear.com (help center)
*.support.browzwear.com (in-app help, e.g. en-us.support.browzwear.com)
support.browzwear.cn (Chinese help center)
Whitelisting Stylezone server
[yourbrand].stylezone.com (coordinate this DNS with us first)
Handling corporate proxy SSL inspection
If your organization uses a proxy that performs SSL inspection (decrypts and re-signs HTTPS traffic with a corporate CA certificate), traffic between the Browzwear applications and Browzwear cloud services may fail because the applications do not trust the corporate CA. Whitelisting the URLs above allows traffic through the firewall, but it does not prevent SSL inspection. Three options are available to address this:
Bypass SSL inspection for Browzwear executables (recommended): Configure your proxy or endpoint agent (e.g. Zscaler, Palo Alto, Symantec, Forcepoint) to bypass SSL inspection for the Browzwear processes listed below. This option is the most robust as it covers all current and future Browzwear domains, including third-party resources loaded by the applications.
Windows executables:
VStitcher.exe Lotta.exe
StylezoneConnect.exe
VStitcherHtmlRenderer.exe (shared by VStitcher and Lotta)
StylezoneConnectHtmlRenderer.exe
macOS bundle identifiers:
Main applications (installed under /Applications/Browzwear/):
com.browzwear.VStitcher
com.browzwear.Lotta
com.browzwear.StylezoneConnect
CEF helper processes (four per main app, nested inside Contents/Frameworks/):
com.browzwear.VStitcherHelper, com.browzwear.VStitcherHelperRenderer, com.browzwear.VStitcherHelperGPU, com.browzwear.VStitcherHelperPlugin com.browzwear.LottaHelper, com.browzwear.LottaHelperRenderer, com.browzwear.LottaHelperGPU, com.browzwear.LottaHelperPlugin com.browzwear.StylezoneConnectHelper, com.browzwear.StylezoneConnectHelperRenderer, com.browzwear.StylezoneConnectHelperGPU, com.browzwear.StylezoneConnectHelperPlugin
If your proxy agent does not support bundle identifiers, match by executable path or by code signing identity (“Browzwear Ltd”).
Bypass SSL inspection for Browzwear domains: If your proxy does not support per-application bypass, configure it to bypass SSL inspection for the same domains listed in items 2–5 above (the *.browzwear.com, *.browzwear.cn, *.stylezone.com, *.stylezone.cn wildcards, plus [yourbrand].stylezone.com). Note that this option requires ongoing maintenance as new Browzwear services are added
Enable the internal Browzwear proxy (per-workstation configuration): Browzwear applications can be configured to route all outbound traffic through an internal local proxy (StylezoneConnect) running on the workstation, bypassing the operating system’s network stack for SSL verification. This is a per workstation configuration that edits the common.ini file on each machine. Full instructions are available in the Browzwear help center: https://help.browzwear.com/en/articles/13065056-internet-connectivityconfiguration