Clovertech

TLS TCP/IP HL7

Clovertech Forums Cloverleaf TLS TCP/IP HL7

  • Creator
    Topic
  • March 31, 2025 at 3:19 pm #121964
    Jerry Sawa
    Participant

      We currently have an interface with an offsite vendor where we connect via a VPN.  Vendor wants us to change from using a VPN to use TLS.

      Received the following from the vendor if that makes anything clearer.

      All existing customers are being transferred to the Azure Cloud and converted to TLS connectivity. The standard connection protocol in the Azure Cloud for interfaces is TLS (Transport Layer Security). This encryption protocol was chosen based on widespread compatibility and ease of implementation.

      Not sure how to set this up, what documentation I could find is a little confusing.

      We’re on 2022.09.03.01.  We do have the necessary license.

      I’ll be attaching screenshots.

      Any help would be greatly appreciated!!!!

       

    • Creator
      Topic
    Viewing 4 reply threads
    • Author
      Replies
      • March 31, 2025 at 3:24 pm #121965
        Jerry Sawa
        Participant

          I would put the URL in the “Host:” field?  See “PDF TCPIP Properties” attachment.

          Not sure what to enter in the fields in the “CA Path  CA File” attachment.

          Attachments:
          You must be logged in to view attached files.
        • March 31, 2025 at 4:56 pm #121969
          David Barr
          Participant

            I would try to find out if they’re using HTTPS or HL7 MLLP+TLS. HTTPS is more common.

            They should send you a lot more information than you’ve provided here: protocol, server address, port, authentication type, TLS version, etc.

          • March 31, 2025 at 5:23 pm #121970
            Jerry Sawa
            Participant

              They did.  Sorry, I neglected to include.

              The mode can be ClientAuth,

              SSl Protocol — TLS 1.3.   

              Cipher list — TLS_AES_128_GCM_SHA256.

               

            • April 2, 2025 at 11:00 am #121982
              Robert Kersemakers
              Participant

                In ‘SSL Configure’ choose Mode ‘ClientAnon’ so all paths are greyed out. You can then choose SSL Protocl ‘TLSv1.3’ (you need CL2022.09 for this; CL19.1 only supports up to TLSv1.2) and then select the required SSL Cipher Suite.

                We are getting questions about secure/encrypted HL7 connections for all vendors. I don’t think many vendors can support this though.

                Zuyderland Medisch Centrum; Heerlen/Sittard; The Netherlands

              • April 11, 2025 at 3:22 pm #121997
                Rob Lindsey
                Participant

                  I agree not many vendors can do SSL/TLS over tcp/ip sockets.  We are starting to get some inquiries about this but have not started to set that up as of yet.  It is coming.

              • Author
                Replies
              Viewing 4 reply threads
              • You must be logged in to reply to this topic.