web stats
Connecting to remote DB ("mirthdb") using SSL - Mirth Community

Go Back   Mirth Community > Mirth Connect > Support

Reply
 
Thread Tools Display Modes
  #1  
Old 03-01-2018, 07:51 AM
LAM LAM is offline
What's HL7?
 
Join Date: Feb 2018
Posts: 4
LAM is on a distinguished road
Default Connecting to remote DB ("mirthdb") using SSL

Solved! For posterity, the following is how I set this up (MySQL), perhaps it will be helpful to someone in the future...

1. Set database username and password in mirth.properties
2. Set `database = mysql` and `database.url = jdbc:mysql://<server>:<port>/mirthdb?useSSl=true&requireSSL=true`
3. Added the following to `mcserver.vmoptions` (imported CA cert to truststore and client key & cert to keystore https://dev.mysql.com/doc/connector-...ing-ssl.html):
-Djavax.net.ssl.trustStore=<path to truststore>
-Djavax.net.ssl.trustStorePassword=<password>
-Djavax.net.ssl.keyStore=<path to keystore>
-Djavax.net.ssl.keyStorePassword=<password>

Original question:

I'm wondering if it's possible to put "mirthdb" on a remote server, and have this connection use SSL.

I'm trying to do this because it might be convenient to have in the same DB as some of our other schemas, and we already have this DB setup, but I'm wondering if this is practical or even possible.

1. Is there support for connecting to mirthdb using SSL? It looks like there's nothing related to this in `mirth.properties`.

2. Can a database writer connect using SSL?

3. (Obviously this is dependent on activity, server locations, etc.) Anecdotally, would having the DB on a different server greatly affect performance? If I'm able to do this I'll end up testing anyways, but other insights are always useful.

Thanks!

Last edited by LAM; 03-01-2018 at 12:16 PM.
Reply With Quote
  #2  
Old 03-01-2018, 11:29 AM
agermano agermano is offline
Mirth Guru
 
Join Date: Apr 2017
Location: Indiana, USA
Posts: 1,005
agermano is on a distinguished road
Default

I think that depends on the type of database you are using, how you have it set up, and whether the JDBC driver for it uses SSL.

Alternatively, you could probably set up a stunnel connection and communicate over that.
Reply With Quote
  #3  
Old 09-26-2019, 04:35 PM
mischa mischa is offline
What's HL7?
 
Join Date: Sep 2019
Posts: 1
mischa is on a distinguished road
Default Alternate solution

I followed this solution but later ran into issues when attempting to install plugins. Support helped to lead me to what I believe is a better solution to this. Rather than edit your mcservice.vmoptions you can edit the jdbc string in your mirth.properties to pass the certs needed. In my example I'm using PKCS12 keys but you can pass jks also this way.

jdbc:mysql://127.0.0.1:3306/mirthdb?useSSl=true&requireSSL=true&clientCertific ateKeyStoreUrl=file://path/to/keystore&clientCertificateKeyStorePassword=PASSWOR D&clientCertificateKeyStoreType=PKCS12&trustCertif icateKeyStoreUrl=/path/to/truststore&trustCertificateKeyStorePassword=PASSWO RD&trustCertificateKeyStoreType=PKCS12

Hopefully is useful to someone.
Reply With Quote
Reply

Tags
database, mirthdb, ssl

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -8. The time now is 03:05 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2019, vBulletin Solutions, Inc.
Mirth Corporation