Smile CDR v2024.05.PRE
On this page:
   45.131    Two Factor Authentication 45.133    Transaction Log   

45.132.1TLS / SSL (Encryption)

 

The TLS / SSL (Encryption) configuration category includes the following configurable options:

  • TLS Client Authentication

  • TLS Enabled

  • TLS KeyStore Filename

  • TLS KeyStore Key Alias

  • TLS KeyStore Key Password

  • TLS KeyStore Password

  • TLS Cipher Blacklist

  • TLS Cipher Whitelist

  • TLS Protocol Blacklist

  • TLS Protocol Whitelist

  • TLS TrustStore Filename

  • TLS TrustStore Password

  • TLS: Disable SNI checking for debugging

45.132.2Property: TLS Client Authentication

 
Property Name TLS Client Authentication
Property Key
Property Type BOOLEAN
Description Should the listener for this module require incoming connections to authenticate using TLS Client Authentication?
Applies to Modules
  • CDS Hooks REST Endpoint
  • FHIR Gateway REST Endpoint
  • FHIR REST Endpoint (All FHIR Versions)
  • FHIR REST Endpoint (DSTU2 - Deprecated)
  • FHIR REST Endpoint (R3 - Deprecated)
  • FHIR REST Endpoint (R4 - Deprecated)
  • FHIRWeb Console
  • HL7 v2.x Listening Endpoint
  • HL7 v2.x Listening Endpoint (Deprecated)
  • HL7 v2.x Sending Endpoint
  • Hybrid Providers REST Endpoint
  • JSON Admin API
  • MDM UI
  • Package Registry Endpoint
  • Payer to Payer
  • SMART Outbound Security
  • Subscription Websocket Endpoint
  • appSphere
Default Value false
Example Property
module.[MODULE_ID].config.tls.clientauth.enabled = false

45.132.3Property: TLS Enabled

 
Property Name TLS Enabled
Property Key
Property Type BOOLEAN
Description Should the listener for this module require TLS (i.e. SSL or HTTPS) encryption for incoming connections?
Applies to Modules
  • CDS Hooks REST Endpoint
  • FHIR Gateway REST Endpoint
  • FHIR REST Endpoint (All FHIR Versions)
  • FHIR REST Endpoint (DSTU2 - Deprecated)
  • FHIR REST Endpoint (R3 - Deprecated)
  • FHIR REST Endpoint (R4 - Deprecated)
  • FHIRWeb Console
  • HL7 v2.x Listening Endpoint
  • HL7 v2.x Listening Endpoint (Deprecated)
  • HL7 v2.x Sending Endpoint
  • Hybrid Providers REST Endpoint
  • JSON Admin API
  • MDM UI
  • Package Registry Endpoint
  • Payer to Payer
  • SMART Outbound Security
  • Subscription Websocket Endpoint
  • appSphere
Default Value false
Example Property
module.[MODULE_ID].config.tls.enabled = false

45.132.4Property: TLS KeyStore Filename

 
Property Name TLS KeyStore Filename
Property Key
Property Type Resource Path
Description The filename for the TLS KeyStore used to hold private keys for TLS connections. This can be in the format classpath:path/to/file.p12 or file:///path/to/file.p12. Valid file extensions are .jks (Java Keystore) or .p12 (PKCS#12 store).
Applies to Modules
  • CDS Hooks REST Endpoint
  • FHIR Gateway REST Endpoint
  • FHIR REST Endpoint (All FHIR Versions)
  • FHIR REST Endpoint (DSTU2 - Deprecated)
  • FHIR REST Endpoint (R3 - Deprecated)
  • FHIR REST Endpoint (R4 - Deprecated)
  • FHIRWeb Console
  • HL7 v2.x Listening Endpoint
  • HL7 v2.x Listening Endpoint (Deprecated)
  • Hybrid Providers REST Endpoint
  • JSON Admin API
  • MDM UI
  • Package Registry Endpoint
  • Payer to Payer
  • SMART Outbound Security
  • Subscription Websocket Endpoint
  • appSphere
Default Value (no default)
Example Property
module.[MODULE_ID].config.tls.keystore.file = 

45.132.5Property: TLS KeyStore Key Alias

 
Property Name TLS KeyStore Key Alias
Property Key
Property Type STRING
Description The alias for the specific key within the KeyStore that should be selected for incoming TLS connections.
Applies to Modules
  • CDS Hooks REST Endpoint
  • FHIR Gateway REST Endpoint
  • FHIR REST Endpoint (All FHIR Versions)
  • FHIR REST Endpoint (DSTU2 - Deprecated)
  • FHIR REST Endpoint (R3 - Deprecated)
  • FHIR REST Endpoint (R4 - Deprecated)
  • FHIRWeb Console
  • HL7 v2.x Listening Endpoint
  • HL7 v2.x Listening Endpoint (Deprecated)
  • Hybrid Providers REST Endpoint
  • JSON Admin API
  • MDM UI
  • Package Registry Endpoint
  • Payer to Payer
  • SMART Outbound Security
  • Subscription Websocket Endpoint
  • appSphere
Default Value (no default)
Example Property
module.[MODULE_ID].config.tls.keystore.keyalias = 

45.132.6Property: TLS KeyStore Key Password

 
Property Name TLS KeyStore Key Password
Property Key
Property Type PASSWORD
Description The password for the specific key within the KeyStore (leave blank if the key has no password).
Applies to Modules
  • CDS Hooks REST Endpoint
  • FHIR Gateway REST Endpoint
  • FHIR REST Endpoint (All FHIR Versions)
  • FHIR REST Endpoint (DSTU2 - Deprecated)
  • FHIR REST Endpoint (R3 - Deprecated)
  • FHIR REST Endpoint (R4 - Deprecated)
  • FHIRWeb Console
  • HL7 v2.x Listening Endpoint
  • HL7 v2.x Listening Endpoint (Deprecated)
  • Hybrid Providers REST Endpoint
  • JSON Admin API
  • MDM UI
  • Package Registry Endpoint
  • Payer to Payer
  • SMART Outbound Security
  • Subscription Websocket Endpoint
  • appSphere
Default Value (no default)
Example Property
module.[MODULE_ID].config.tls.keystore.keypass = 

45.132.7Property: TLS KeyStore Password

 
Property Name TLS KeyStore Password
Property Key
Property Type PASSWORD
Description The password for the TLS KeyStore (leave blank if the store has no password).
Applies to Modules
  • CDS Hooks REST Endpoint
  • FHIR Gateway REST Endpoint
  • FHIR REST Endpoint (All FHIR Versions)
  • FHIR REST Endpoint (DSTU2 - Deprecated)
  • FHIR REST Endpoint (R3 - Deprecated)
  • FHIR REST Endpoint (R4 - Deprecated)
  • FHIRWeb Console
  • HL7 v2.x Listening Endpoint
  • HL7 v2.x Listening Endpoint (Deprecated)
  • Hybrid Providers REST Endpoint
  • JSON Admin API
  • MDM UI
  • Package Registry Endpoint
  • Payer to Payer
  • SMART Outbound Security
  • Subscription Websocket Endpoint
  • appSphere
Default Value (no default)
Example Property
module.[MODULE_ID].config.tls.keystore.password = 

45.132.8Property: TLS Cipher Blacklist

 
Property Name TLS Cipher Blacklist
Property Key
Property Type STRING
Description If specified, contains a space-separated list of ciphers that are not permitted for use by TLS clients. See Selecting Ciphers and Protocol for more information.
Applies to Modules
  • CDS Hooks REST Endpoint
  • FHIR Gateway REST Endpoint
  • FHIR REST Endpoint (All FHIR Versions)
  • FHIR REST Endpoint (DSTU2 - Deprecated)
  • FHIR REST Endpoint (R3 - Deprecated)
  • FHIR REST Endpoint (R4 - Deprecated)
  • FHIRWeb Console
  • HL7 v2.x Listening Endpoint
  • HL7 v2.x Listening Endpoint (Deprecated)
  • HL7 v2.x Sending Endpoint
  • Hybrid Providers REST Endpoint
  • JSON Admin API
  • MDM UI
  • Package Registry Endpoint
  • Payer to Payer
  • SMART Outbound Security
  • Subscription Websocket Endpoint
  • appSphere
Default Value (no default)
Example Property
module.[MODULE_ID].config.tls.protocol.cipher_blacklist = 

45.132.9Property: TLS Cipher Whitelist

 
Property Name TLS Cipher Whitelist
Property Key
Property Type STRING
Description If specified, contains a space-separated list of ciphers that are permitted for use by TLS clients. See Selecting Ciphers and Protocol for more information.
Applies to Modules
  • CDS Hooks REST Endpoint
  • FHIR Gateway REST Endpoint
  • FHIR REST Endpoint (All FHIR Versions)
  • FHIR REST Endpoint (DSTU2 - Deprecated)
  • FHIR REST Endpoint (R3 - Deprecated)
  • FHIR REST Endpoint (R4 - Deprecated)
  • FHIRWeb Console
  • HL7 v2.x Listening Endpoint
  • HL7 v2.x Listening Endpoint (Deprecated)
  • HL7 v2.x Sending Endpoint
  • Hybrid Providers REST Endpoint
  • JSON Admin API
  • MDM UI
  • Package Registry Endpoint
  • Payer to Payer
  • SMART Outbound Security
  • Subscription Websocket Endpoint
  • appSphere
Default Value (no default)
Example Property
module.[MODULE_ID].config.tls.protocol.cipher_whitelist = 

45.132.10Property: TLS Protocol Blacklist

 
Property Name TLS Protocol Blacklist
Property Key
Property Type STRING
Description If specified, contains a space-separated list of protocols that are not permitted for use by TLS clients. See Selecting Ciphers and Protocol for more information.
Applies to Modules
  • CDS Hooks REST Endpoint
  • FHIR Gateway REST Endpoint
  • FHIR REST Endpoint (All FHIR Versions)
  • FHIR REST Endpoint (DSTU2 - Deprecated)
  • FHIR REST Endpoint (R3 - Deprecated)
  • FHIR REST Endpoint (R4 - Deprecated)
  • FHIRWeb Console
  • HL7 v2.x Listening Endpoint
  • HL7 v2.x Listening Endpoint (Deprecated)
  • HL7 v2.x Sending Endpoint
  • Hybrid Providers REST Endpoint
  • JSON Admin API
  • MDM UI
  • Package Registry Endpoint
  • Payer to Payer
  • SMART Outbound Security
  • Subscription Websocket Endpoint
  • appSphere
Default Value (no default)
Example Property
module.[MODULE_ID].config.tls.protocol.protocol_blacklist = 

45.132.11Property: TLS Protocol Whitelist

 
Property Name TLS Protocol Whitelist
Property Key
Property Type STRING
Description If specified, contains a space-separated list of protocols that are permitted for use by TLS clients. See Selecting Ciphers and Protocol for more information.
Applies to Modules
  • CDS Hooks REST Endpoint
  • FHIR Gateway REST Endpoint
  • FHIR REST Endpoint (All FHIR Versions)
  • FHIR REST Endpoint (DSTU2 - Deprecated)
  • FHIR REST Endpoint (R3 - Deprecated)
  • FHIR REST Endpoint (R4 - Deprecated)
  • FHIRWeb Console
  • HL7 v2.x Listening Endpoint
  • HL7 v2.x Listening Endpoint (Deprecated)
  • HL7 v2.x Sending Endpoint
  • Hybrid Providers REST Endpoint
  • JSON Admin API
  • MDM UI
  • Package Registry Endpoint
  • Payer to Payer
  • SMART Outbound Security
  • Subscription Websocket Endpoint
  • appSphere
Default Value (no default)
Example Property
module.[MODULE_ID].config.tls.protocol.protocol_whitelist = 

45.132.12Property: TLS TrustStore Filename

 
Property Name TLS TrustStore Filename
Property Key
Property Type Resource Path
Description The filename for the TLS TrustStore used to hold trusted certificates for TLS connections. This can be in the format classpath:path/to/file.p12 or file:///path/to/file.p12. Valid file extensions are .jks (Java Keystore) or .p12 (PKCS#12 store).
Applies to Modules
  • CDS Hooks REST Endpoint
  • FHIR Gateway REST Endpoint
  • FHIR REST Endpoint (All FHIR Versions)
  • FHIR REST Endpoint (DSTU2 - Deprecated)
  • FHIR REST Endpoint (R3 - Deprecated)
  • FHIR REST Endpoint (R4 - Deprecated)
  • FHIRWeb Console
  • HL7 v2.x Listening Endpoint
  • HL7 v2.x Listening Endpoint (Deprecated)
  • HL7 v2.x Sending Endpoint
  • Hybrid Providers REST Endpoint
  • JSON Admin API
  • MDM UI
  • Package Registry Endpoint
  • Payer to Payer
  • SMART Outbound Security
  • Subscription Websocket Endpoint
  • appSphere
Default Value (no default)
Example Property
module.[MODULE_ID].config.tls.truststore.file = classpath:truststore.p12

45.132.13Property: TLS TrustStore Password

 
Property Name TLS TrustStore Password
Property Key
Property Type PASSWORD
Description The password for the TLS TrustStore (leave blank if the store has no password).
Applies to Modules
  • CDS Hooks REST Endpoint
  • FHIR Gateway REST Endpoint
  • FHIR REST Endpoint (All FHIR Versions)
  • FHIR REST Endpoint (DSTU2 - Deprecated)
  • FHIR REST Endpoint (R3 - Deprecated)
  • FHIR REST Endpoint (R4 - Deprecated)
  • FHIRWeb Console
  • HL7 v2.x Listening Endpoint
  • HL7 v2.x Listening Endpoint (Deprecated)
  • HL7 v2.x Sending Endpoint
  • Hybrid Providers REST Endpoint
  • JSON Admin API
  • MDM UI
  • Package Registry Endpoint
  • Payer to Payer
  • SMART Outbound Security
  • Subscription Websocket Endpoint
  • appSphere
Default Value (no default)
Example Property
module.[MODULE_ID].config.tls.truststore.password = 

45.132.14Property: TLS: Disable SNI checking for debugging

 
Property Name TLS: Disable SNI checking for debugging
Property Key
Property Type BOOLEAN
Description If specified, disables SNI checking for any module that uses TLS (not recommended for production)
Applies to Modules
  • CDS Hooks REST Endpoint
  • FHIR Gateway REST Endpoint
  • FHIR REST Endpoint (All FHIR Versions)
  • FHIR REST Endpoint (DSTU2 - Deprecated)
  • FHIR REST Endpoint (R3 - Deprecated)
  • FHIR REST Endpoint (R4 - Deprecated)
  • FHIRWeb Console
  • HL7 v2.x Listening Endpoint
  • HL7 v2.x Listening Endpoint (Deprecated)
  • HL7 v2.x Sending Endpoint
  • Hybrid Providers REST Endpoint
  • JSON Admin API
  • MDM UI
  • Package Registry Endpoint
  • Payer to Payer
  • SMART Outbound Security
  • Subscription Websocket Endpoint
  • appSphere
Default Value false
Example Property
module.[MODULE_ID].config.tls_debug_disable_sni_check = false
   45.131    Two Factor Authentication 45.133    Transaction Log