3

This is basically a yes/no question. I am investigating Mirth Connect for my company but, at least to start out, we need this to work using only the Open Source version.

Of course, HIPAA requires that all message sending be done over HTTPS (using SSL).

Does the Open Source version support HTTPS out of the box?

I looked in the Administrator Channel setup and did not see an obvious way to force connections to use HTTPS. So, if it IS supported, how do you set it up?

Seth Spearman

1 Answer

2

The open source distribution does support sending out via HTTPS using the HTTP Sender. However it just uses the default Java truststore, so any custom certs you trust will have to manually be added to cacerts. Advanced options like hostname verification, mutual auth, etc. aren't supported with the open source distribution.

The SSL Manager extension expands on this, adding TLS support for all socket-based source and destination connectors:

  • DICOM Listener / Sender
  • File Reader / Writer
  • HTTP Listener / Sender
  • TCP Listener / Sender
  • Web Service (SOAP) Listener / Sender
  • Email Reader / SMTP Sender

It not only enables TLS but allows advanced fine-tuning options on a per-connector basis, like Hostname Verification, Mutual (Client) Auth, tweaking protocols / cipher suites, and more:

[Screenshot: SSL Settings]

On top of that it provides a one-stop shop for all trusted and local certificates / keypairs used across your server. You can even create entirely new certificates in the Administrator, generate a CSR, and import the reply from a CA.

Nick Rupley
  • However, am I correct in saying that to get the SSL Manager Extension will cost a minimum of $20K per year or can you buy/license JUST that extension? In my opinion, if you answer that you have to have a commercial license to use the SSL Manager then that makes Mirth Open-Source almost useless. – Seth Spearman Jun 23 '17 at 18:36
  • It is possible to do HTTPS with Mirth Connect open source. I have done it with 3.3.1 version. – Vibin Guevara Jun 26 '17 at 12:21
  • @VibinGuvera explain how. – Pablo Pazos Sep 03 '18 at 17:32
  • @SethSpearman We have an offering called the Core Extension Bundle that doesn't require a support license, and includes the SSL Manager, Channel History, and Message Generator extensions. More info [here!](https://www.nextgen.com/products-and-services/integration-engine) – Nick Rupley Sep 04 '18 at 22:41
  • The link to the PDF which describes the Core Extension Bundle is here: https://ng.nextgen.com/secure-integration-lower-cost-core-bundle It doesn't indicate price however. – Chloe Jan 09 '20 at 20:54
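
The answer above says the open source HTTP Sender trusts only what is in the default Java truststore, so custom certificates have to be added to `cacerts` by hand. The following is an added example, not part of the original answer or of Mirth Connect's own tooling, showing that import with `keytool`. The Java home passed in (assumed to be the JVM that runs Mirth Connect), the alias, the PEM path and the stock `changeit` store password are all assumptions.

```shell
#!/usr/bin/env bash
# Added example: trust a partner CA in the JVM's default truststore (cacerts).
# Assumed inputs: Java home of the JVM running Mirth Connect, an alias of
# your choosing, a PEM file, and the default store password "changeit".

# Print the default truststore path for a Java home.
# Java 9+ keeps it in lib/security; a Java 8 JDK keeps it in jre/lib/security.
find_cacerts() {
    java_home=$1
    for candidate in "$java_home/lib/security/cacerts" \
                     "$java_home/jre/lib/security/cacerts"; do
        if [ -f "$candidate" ]; then
            printf '%s\n' "$candidate"
            return 0
        fi
    done
    echo "no cacerts found under $java_home" >&2
    return 1
}

# Import one PEM certificate under an alias, backing up the store first.
import_trusted_cert() {
    java_home=$1
    cert_alias=$2
    pem=$3
    storepass=${4:-changeit}
    [ -r "$pem" ] || { echo "cannot read $pem" >&2; return 1; }
    store=$(find_cacerts "$java_home") || return 1
    keytool="$java_home/bin/keytool"
    # Refuse to reuse an alias so an existing trust entry is never replaced.
    if "$keytool" -list -keystore "$store" -storepass "$storepass" \
            -alias "$cert_alias" >/dev/null 2>&1; then
        echo "alias $cert_alias already exists in $store" >&2
        return 1
    fi
    cp -p "$store" "$store.bak.$(date +%Y%m%d%H%M%S)" || return 1
    "$keytool" -importcert -noprompt -trustcacerts -alias "$cert_alias" \
        -file "$pem" -keystore "$store" -storepass "$storepass" || return 1
    # Print the stored entry so its fingerprint can be checked out of band.
    "$keytool" -list -keystore "$store" -storepass "$storepass" \
        -alias "$cert_alias"
}

# Usage (constructed values):
#   import_trusted_cert "$JAVA_HOME" partner-ca /tmp/partner-ca.pem
```

Restart the Mirth Connect service afterwards so the JVM rereads the truststore. The import has to be repeated after a Java upgrade that replaces `cacerts`.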