Enable Encryption

LDAP Authorization User Guide

LDAP Connection Error: "javax.net.ssl.SSLHandshakeException"

The LDAP connection error "javax.net.ssl.SSLHandshakeException" can occur if you have enabled SSL or STARTTLS and have no yet imported the Lightweight Directory Access Protocol (LDAP) server certificate This error can occur if you have enabled SSL or STARTTLS but have not yet imported the Lightweight Directory Access Protocol (LDAP) server certificate using the SSL Manager plug-in for Mirth® Connect by NextGen Healthcare. Parent topic: Troubleshooting Connection Errors Related tasks Import the LDAP Server Public SSL Certificate

LDAP Authorization User Guide

Import the LDAP Server Public SSL Certificate

Use the SSL Manager plug-in to import a Lightweight Directory Access Protocol (LDAP) server public certificate into Mirth® Connect by NextGen Healthcare. Before you begin Ensure that the SSL Manager plug-in is installed. When it is installed, an SSL Manager tab appears to the right of the LDAP Authorization tab under Mirth® Connect settings. Before enabling certificate validation, you must import the Lightweight Directory Access Protocol (LDAP) server public certificate into Mirth® Connect by NextGen Healthcare using the SSL Manager plug-in. This task is necessary only if you selected Enabled in the Certificate Validation field. Select the SSL Manager tab. In the Public Certificates section, select Import . Enter the host and port of your LDAP server, and then select Get Certificates. Select the certificate, and then select Import. Selecting and importing a certificate from the SSL Manager tab After the certificate has been imported successfully, Mirth® Connect can communicate with the

LDAP Authorization User Guide

LDAP Connection Error: "An error occurred while attempting to establish a secure connection"

The LDAP connection error "An error occurred while attempting to establish a secure connection" can result from an incorrect port number, an untrusted server certificate, or a missing server certificate. Ensure that the port number is correct. Lightweight Directory Access Protocol (LDAP) servers typically use port 389 for unencrypted communication or the STARTTLS mode and port 636 for the SSL mode. Ensure that you have imported the LDAP server certificate. This error can occur if you have enabled SSL or STARTTLS but have not yet imported the LDAP server certificate using the SSL Manager plug-in for Mirth® Connect by NextGen Healthcare. Ensure that the LDAP server certificate is trusted. Parent topic: Troubleshooting Connection Errors Related tasks Enable Encryption

LDAP Authorization User Guide

Troubleshooting Connection Errors

Lightweight Directory Access Protocol (LDAP) connection errors can appear in the Mirth® Connect by NextGen Healthcare server log. They can also appear when you test the connection in the LDAP Authorization settings panel. A Connection Error in the Test Connection Window In some cases, you can gain additional information about an error condition by enabling debug logging for LDAP activity. LDAP Connection Error: "Admin User DN or Admin Password is invalid" The Lightweight Directory Access Protocol (LDAP) connection error "Admin User DN or Admin Password is invalid" includes a data number that indicates why the credentials were rejected. LDAP Connection Error: "An error occurred" The Lightweight Directory Access Protocol (LDAP) connection error "An error occurred" indicates an error that Mirth® Connect by NextGen Healthcare does not recognize. LDAP Connection Error: "An error occurred / No route to host" The Lightweight Directory Access Protocol (LDAP) connection error "An error occurred

LDAP Authorization User Guide

Set Up the LDAP Connection

To set up Lightweight Directory Access Protocol (LDAP) integration, you must enable LDAP, enter a host address and port number, and enter the base distinguished name (DN). To set up Lightweight Directory Access Protocol (LDAP) integration, perform these steps. In the LDAP Configuration section, open the LDAP Authorization tab. Set LDAP Enabled to Yes. This option is initially disabled. Enabling LDAP Integration Enter the host address and port of your LDAP server.The standard port used by LDAP servers is typically port 389. When Secure Sockets Layer (SSL) protocol is enabled, the port number typically is 636. Host Address and Port Enter the base distinguished name (DN).The base DN is the root DN under which all operations and user searches take place. If this field is left blank, Mirth® Connect by NextGen Healthcare attempts to detect the base DN from the Admin user DN. Base DN Enter the Admin user DN (also called the Bind DN) and the password. These are the credentials that Mirth® Conn

LDAP Authorization User Guide

LDAP Authorization in Mirth® Connect by NextGen Healthcare

When the Lightweight Directory Access Protocol (LDAP) extension is installed, users can log on to Mirth® Connect by NextGen Healthcare using credentials that are controlled by a separate LDAP directory. The connection between Mirth® Connect and the Lightweight Directory Access Protocol (LDAP) server can be encrypted if needed for security. You can use the Role-Based Access Control extension for Mirth® Connect to assign roles to specific groups of user accounts in the LDAP directory. The LDAP extension is designed to work with LDAP directory services such as: Active Directory OpenLDAP™ ApacheDS™ You can configure LDAP integration in Mirth® Connect in Settings > LDAP Authorization: LDAP Configuration section When LDAP authorization is enabled, only user accounts that exist in the LDAP Directory are permitted to log on to Mirth® Connect. Any local Mirth® Connect user accounts (listed under Users in Mirth® Connect) are disabled. These accounts are re-enabled if LDAP authorization is later

Enable Encryption

Recommendations

LDAP Connection Error: "javax.net.ssl.SSLHandshakeException"

Import the LDAP Server Public SSL Certificate

LDAP Connection Error: "An error occurred while attempting to establish a secure connection"

Troubleshooting Connection Errors

Set Up the LDAP Connection

LDAP Authorization in Mirth® Connect by NextGen Healthcare

LDAP Connection Error: "javax.net.ssl.SSLHandshakeException"

Import the LDAP Server Public SSL Certificate

LDAP Connection Error: "An error occurred while attempting to establish a secure connection"

Troubleshooting Connection Errors

Set Up the LDAP Connection

LDAP Authorization in Mirth® Connect by NextGen Healthcare