web stats
TCP Sender - Can't use Velocity template for host name when using SSL - Mirth Community

Go Back   Mirth Community > Mirth Connect > Support

Reply
 
Thread Tools Display Modes
  #1  
Old 10-25-2018, 07:11 AM
MirthManNC MirthManNC is offline
What's HL7?
 
Join Date: May 2018
Posts: 4
MirthManNC is on a distinguished road
Default TCP Sender - Can't use Velocity template for host name when using SSL

I have a pretty typical channel with a single TCP Sender destination. I want to make the remote address a Velocity template that references a value in the configuration map, e.g., ${ObdHost}. This works great when I click the "Test Connection" button, but it does not work when sending a message. I get error "Certificate for <${ObdHost}> doesn't match any of the subject alternative names: [bostic1.carydev.local]".

I can put the literal server name in the remote address and it works.

I thought, "what if ObdHost isn't defined in configuration map?". I created a source transformer that set variable "aaa" to $('ObdHost'), and 'aaa' had the correct value in the source map. So I know ObdHost is there.

Then I used quiet reference notation, i.e., $!{ObdHost}. That way, if ObdHost isn't defined, the error message should have empty string and not show the Velocity template. Error message shows the template.

What if Velocity encountered an error in a different field, causing none of the references to be replaced? No dice, the port number is done the same way, i.e., ${ObdPort}, and renders correctly.

I put this in the hostname:
#set (aaa='bostic1.carydev.local)${aaa}
That works great when I test connection, and it works when I send a message without SSL, but when I try to send a message using SSL, I get "Certificate for <#set($aaa="bostic1.carydev.local")${aaa}> doesn't match any of the subject alternative names: [bostic1.carydev.local]".

It just seems like you can't use a Velocity template in the destination server field when using SSL. Is this a Mirth bug?

Last edited by MirthManNC; 10-25-2018 at 08:54 AM.
Reply With Quote
  #2  
Old 10-25-2018, 11:48 PM
siddharth siddharth is offline
Mirth Guru
 
Join Date: Feb 2013
Posts: 832
siddharth is on a distinguished road
Default

let's say you have a url defined in configuration Map. obdHost : 10.10.10.10

The way to pull something from config map is $cfg('obdHost'). But here is a problem that I have personally faced. I cannot pull this variable directly onto the TCP Host place holder using velocity - which would be something like ${obdHost}.

Instead, what I have done is , pull this variable from the configMap in the deploy scripts section, and push it onto a globalChannelMap variable, and then use this variable.

Now, when you run test connection it will throw an error, but when you deploy test the channel it will work 100 percent. This approach works.

People have told me otherwise, that this extra step to go from deploy scripts is not needed as velocity scans all the available maps when invoked, but I am yet to see that in action.
__________________
HL7v2.7 Certified Control Specialist!
Reply With Quote
  #3  
Old 10-29-2018, 09:34 AM
MirthManNC MirthManNC is offline
What's HL7?
 
Join Date: May 2018
Posts: 4
MirthManNC is on a distinguished road
Default

Quote:
Originally Posted by siddharth View Post
People have told me otherwise, that this extra step to go from deploy scripts is not needed as velocity scans all the available maps when invoked, but I am yet to see that in action.
Thank you for the response. That's a really clever work-around.

It seems that it does scan all available maps, because when it's not using SSL, it works. I think what's happening is that the SSL validation is happening before the Velocity transformations are applied, so it's validating ${ObdHost}.
Reply With Quote
  #4  
Old 10-29-2018, 06:16 PM
agermano agermano is offline
Mirth Guru
 
Join Date: Apr 2017
Location: Indiana, USA
Posts: 712
agermano is on a distinguished road
Default

Sounds like a bug. It couldn't be doing the SSL validation before the velocity replacement, because the host needs to already be replaced to retrieve the certificate in the first place.

I'd contact support since I don't think you're supposed to open Jira issues for commercial extensions.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -8. The time now is 01:41 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2019, vBulletin Solutions, Inc.
Mirth Corporation