Web Server Certificate

Mirth® Connect by NextGen Healthcare User Guide

Installation Directory

In general, the principle of least privilege should be followed, and only Administrators should have access to the installation directory that Mirth® Connect is installed into. If installed on a dedicated machine, that machine should only be accessible to said administrators. If installed on a shared machine, it should be done in such a way that the Connect installation directory is only accessible by administrators. Notes on specific folders inside the installation directory: appdata: The Application Data Directory stores configuration and temporary files used by Mirth® Connect during runtime. Take note of: configuration.properties: By default this file is used to store the current state of the Configuration Map. However in mirth properties you can choose to store the configuration map in the database, or you can select a different file location. For example if you have a separate network storage location specifically for secure files, you could choose to store the configuration map f

Mirth® Connect by NextGen Healthcare User Guide

Mirth® Connect REST API

The Administrator and Command Line Interface both use a well-defined API to communicate with the Mirth® Connect server. You can also use the same API to create custom integrations of your own. The API is documented at https://localhost:8443/api (change the IP / port as needed), or you can select View Client API in Administrator via Other Tasks: Select the View Client API action to open the API documentation in your default browser. Note: You may see a warning in your browser if your Mirth® Connect instance is still using the auto-generated self-signed certificate. You can select Advanced and allow the browser to continue to the page. To resolve this warning, look at Application Data Directory for instructions on installing your own certificate. Select the arrow button on one of the endpoint group rows to view its operations. This list shows the operation's HTTP method type, request URL, and a description for each endpoint. Select on one of the endpoint rows to view its details. If desi

Mirth® Connect by NextGen Healthcare User Guide

Event Tasks

The following context-specific tasks are available from the Events View: Task Icon Task Name Description Refresh Updates events within the current search page. Note: Note that this is different from selecting the Search button. The Search operation performs a completely new search without a Max Event Id and resets the count and pagination options. The Refresh task re-performs the search using the existing Max Event Id, so that no new events since the last Search will be included. Also, it preserves the current page being viewed instead of reverting back to the first page. Export All Events Exports all events to a file in the Application Data Directory. For additional information, see Export All Events Export All Events Parent topic: Events View

Mirth® Connect by NextGen Healthcare User Guide

Export All Events

When you select this task, a confirmation dialog appears: Select Yes to continue. A comma-separated value (CSV) file will be written into an "exports" folder inside your Application Data Directory. Parent topic: Event Tasks

Mirth® Connect by NextGen Healthcare User Guide

Connect to Database using SSL/TLS

By default, Mirth® Connect is configured to connect to an embedded Apache Derby database for quick deployment, development, and testing. When using Mirth® Connect in production environments, we recommend changing the underlying database to one of the supported servers: PostgreSQL 8.3+ MySQL 5.6+ Oracle 10gR2+ SQL Server 2005+ There is more information on changing the database type here: Changing the Database Type And more information about configurable options in mirth.properties here: mirth.properties File Typically these database connections are not encrypted by default. The instructions to enable SSL/TLS traffic for database connections differ depending on the database and JDBC driver you are using. Here are some instructions for each of the supported backend databases. For more information, consult the manuals for the specific database and JDBC driver you are using. Importing the Database Server Certificate PostgreSQL MySQL Oracle SQL Server Parent topic: Secure Installation and De

Mirth® Connect by NextGen Healthcare User Guide

Networking

By it is very nature, Mirth® Connect is an application that typically has a lot of inbound and outbound connections. It is up to you (or your IT staff) to decide how lenient or strict you want your firewall to be. Typically all inbound access is denied by default, and specific IP/port rules are added for specific channels. Outbound connectivity is less of a concern, and typically all outbound connections are allowed. Image of the network topography By default, Mirth® Connect listens on two ports: 8080 and 8443. These ports are used by the web server that serves up the main launch page, as well as API access (which the Administrator GUI and CLI use). The specific ports used can be configured in mirth.properties: http.port https.port You can disable plain HTTP altogether by simply commenting out the "http.port" entry. This ensures that only secure HTTP (HTTPS) is used for all main web server traffic. Parent topic: Secure Installation and Deployment

Web Server Certificate

Recommendations

Installation Directory

Mirth® Connect REST API

Event Tasks

Export All Events

Connect to Database using SSL/TLS

Networking