HL7 Version 2 Service
Last updated
Last updated
The HL7 Version 2 Service configuration panel is used to enable or disable the sending and receiving of HL7 Version 2.x messages.
| Setting | Description | Example |
|---|---|---|
Local Domain | The local assigning authority for the HL7 Version 2.x receiver. Whenever SanteDB encounters an identifier in this domain, it will assume the CX.1 refers to the UUID / key of the object. | |
Authentication Mode | Identifies the method of authenticating HL7 requests. | See: SanteDB HL7v2 Authentication notes. |
No Auth Secret | When not requiring application authentication, all values in the MSH-3 must be registered as a security application with this secret. This is the shared secret which the HL7 authentication layer uses to establish an application identity. |
|
HL7 Services | Configuration for endpoints, messages, and trigger events for HL7 Services. | See: Service Endpoints |
Receiving Facility ID | The UUID of the local receiving facility for HL7v2 messages. The facility information is loaded from the primary data store based on this UUID and used to populate MSH-4 and MSH-5. | UUID |
SSN Authority | The identity domain configuration for PID-19 (SSN). If using this field outside of the United States, this is the identity domain information for that field. | See: SanteDB HL7v2 Implementation notes. |
Birthplace Types | A list of valid | UUID |
Identifier Replacement | When set to |
|
Strict Metadata | When set to TRUE any metadata in any field sent SanteDB must exactly match (place, organizations, etc.) must be matched exactly using the identifier in the XON rather than names. |
|
Require Application Authentication | When true, all HL7 messages must be authenticated as Application + Device identity. When false, a Device Identity is used and the Application authentication comes from the |
|
Strict CX4 | When true resolution of CX.4 based on MSH values will be disabled and all senders MUST send CX4.1 or CX4.3 |
The HL7 Services configuration property allows administrators to edit one or more IP/Endpoints which can receive HL7v2 messages.
| Setting | Description | Examples |
|---|---|---|
Endpoint | The IP / port to listen for inbound messages for the services. 0.0.0.0 binds the endpoint to all IP addresses, 127.0.0.1 binds to localhost. | Unencrypted Localhost:
Encrypted Public:
|
Messages | Messages (message types and trigger events) which can be processed on this endpoint. | See: Messaging Events |
Name | The name of the endpoint which is shown in logs. |
|
Receive Timeout | The number of milliseconds that the receiving endpoint will hold the connection open before forcably closing it. |
|
Transport Option | When the endpoint uses | See: Secure Endpoints |
When sllp:// is used as the transport for the HL7 endpoint, the security settings for the endpoint.
| Setting | Description | Examples |
|---|---|---|
Check CRL | When true, the endpoint will attempt to check the Certificate Revocation List. |
|
Enable Client Cert Negotiation | When true, the HL7 endpoint will challenge clients to provide a client certificate. |
|
Client CA Certificate | The root certificate or intermediary certificate where client certificates must be bound to. The certificate chain will be validated against the this CA. | See: Security Certificate |
Server Certificate | The certificate which the SanteDB iCDR will provide to clients which authenticates the server to clients. This certificate is also used to encrypt traffic with the client. | See: Security Certificate |
Each HL7 endpoint can support multiple message / trigger events. The messages property of the endpoint specifies which message handlers can be used for which trigger events on the specified endpoint.
| Setting | Description | Examples |
|---|---|---|
Message Handler | The implementation of the message handler which should be used to process messages which have any of the events listed in the events property. | |
Events | The trigger events which should be forwarded to the selected message handler. |
|
