Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Prerequisites

These directions will only work and are supported by HIMSA with Noah System 4.14 and newer

  • The HIMSA member company providing the WSI-enabled business system is responsible for obtaining, installing, and configuring SSL certificates. This is not a feature provided by HIMSA.

  • HIMSA assumes that the HIMSA member company has technical experience with SSL certificates. HIMSA will not be able to provide support with SSL certificates. However, the below “HIMSA Test Set-Up” provides information on how HIMSA sets up the sample BES in a local area network in order to test secure communications.

  • If the Business System wishes to receive encrypted data from Noah then it must install an SSL certificate on the devices that Business System resides on.

  • Ensuring that proper DNS names are set up within the network is the responsibility of the Business System developer.

  • If the Business System wishes to send encrypted data to Noah then it must install an SSL certificate on the PC that the Noah Server resides on.

    • Noah Client workstations exchange data with the Noah Server and this exchange is encrypted by a process that HIMSA is in charge of.


Noah System 4 Server Configuration

Prerequisites port 8000

  • The SSL Certificate must be installed

Bind the SSL Certificate to port 8000, See appendix A for more details.

netsh http add sslcert ipport=0.0.0.0:<port> certhash=<your certificate thumprint> appid=<Your app id>

Example:

netsh http add sslcert ipport=0.0.0.0:8000 certhash=f343cd172f6a250047cd26bdf0ffc4eac52ae3dc appid={cb66b486-c664-4219-bc74-491664b6f084}

To confirm binding run

netsh http show sslcert ipport=0.0.0.0:8000

Steps For Setting UP Noah WSI:

1.) Install Noah System 4.14.

2.) License Noah System.

3.) Run the WSI Installer.

https://www.himsa.com/members-2/web-service-integration-website/

4.) Do not reboot at this time. You will have to reboot after the next section.

5.) Set WSI to use the configuration file.

*NOTE: It is not possible to set the “UseConfigurationFile” to true during the WSI installation. These steps must be done through the NoahBSIntegServerTool.

A.) Use NoahBSIntegServerTool.exe to enable direct support for using configuration files when setting up endpoint. The NoahBSIntegServerTool can be found here, C:\Program Files (x86)\HIMSA\Noah 4

B.) Select “Window->Configuration->Web Service Settings” and change the “UseConfigFile” to “True.”

C.) Next, still in the NoahBSIntegServerTool, navigate to “Window->Configuration->Patient Record Transfer Settings” and change the “UseConfigFile” to “True.”

When the value is true all endpoints are read from the configuration file NoahWebIntegration.dll.config, when false there is no change in behavior.

With the “UseConfigFile” parameter set to “True,” the endpoints will be created using NoahWebIntegration.dll.config configuration file. This configuration file must then be set up for both data coming into and out of Noah.

Making this change will require PC hosting the Noah Server Installation to be rebooted.

After you reboot for the configuration file changes and the machine has come back up, launch Noah System. You will be required to reboot again for the WSI installation and settings to take affect in Noah System.

6.)Edit the NoahWebIntegration.dll.config file.

Manually edit the configuration file C:\ProgramData\HIMSA\Noah\ConfigFiles\NoahWebIntegration.dll.config

Replace the contents of the NoahWebIntegration.dll.config file with the below text and then customize the DNS names per your network:

  • Line 48

    • <add baseAddress="https://<DNS of Noah Server>:8000/Noahbsintegserver" />

    • Example

    • <add baseAddress="https://TN3.localnoah.net:8000/Noahbsintegserver" />

  • 61

    • <add baseAddress="https://<DNS of Noah Server>:8000/Noahbsintegserver" />

    • Example

    • <add baseAddress="https://TN3.localnoah.net:8000/Noahbsintegserver" />

  • 71 - Only necessary business system backed section is utilized (next section of this document)

    • <endpoint address="https://<DNS of Member Company back end machine>:8001/NoahBSOtherEnd" binding="basicHttpBinding"

    • Example - Note the member company back end is on the same machine as the Noah Server in this example.

    • <endpoint address="https://tn3.localnoah.net:8001/NoahBSOtherEnd" binding="basicHttpBinding"

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <system.serviceModel>
        <behaviors>
            <serviceBehaviors>
                <behavior name="ServiceBehavior">
                    <!-- HTTPS enable MEX endpoint -->
                    <serviceMetadata httpsGetEnabled="True" /> 
                     <serviceDebug includeExceptionDetailInFaults="false"/>
                </behavior>

            </serviceBehaviors>
        </behaviors>
        <bindings>
            <basicHttpBinding>
                <!-- HTTPS -->
                <binding name="HTTPSBackend"
                    closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00"
                    sendTimeout="00:05:00" allowCookies="false" bypassProxyOnLocal="false"
                    hostNameComparisonMode="StrongWildcard" maxBufferSize="10485760"
                    maxBufferPoolSize="10485760" maxReceivedMessageSize="10485760"
                    messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
                    useDefaultWebProxy="true">
                    <readerQuotas maxDepth="32" maxStringContentLength="10485760" maxArrayLength="10485760" maxBytesPerRead="10485760" maxNameTableCharCount="10485760" />
                    <security mode="Transport">
                        <transport clientCredentialType="None"/>
                    </security>
                </binding>

                <binding name="HTTPSServiceBinding" sendTimeout="00:05:00" maxBufferSize="10485760" maxBufferPoolSize="10485760" maxReceivedMessageSize="10485760">
                    <readerQuotas maxStringContentLength="10485760" />
                    <security mode="Transport">
                        <transport clientCredentialType="None"/>
                    </security>
                </binding>            

            </basicHttpBinding>
        </bindings>
        <services>
            <service behaviorConfiguration="ServiceBehavior" name="NoahWebIntegration.NOAHBSWeb">
                <!-- Noah server HTTPS endpoint -->
                <endpoint address=""
                    binding="basicHttpBinding" bindingConfiguration="HTTPSServiceBinding"
                    contract="NoahWebIntegration.INoahBusinessIntegrationWebInterface" />
                <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" /> 
                <host>
                    <baseAddresses>
                        <add baseAddress="https://TN3.localnoah.net:8000/Noahbsintegserver" />  
                    </baseAddresses>
                </host>
            </service>

            <service behaviorConfiguration="ServiceBehavior" name="HTTPS_NoahWebIntegration.NOAHBSWeb">
                <!-- Noah server HTTPS endpoint -->
                <endpoint address=""
                    binding="basicHttpBinding" bindingConfiguration="HTTPSServiceBinding"
                    contract="NoahWebIntegration.INoahBusinessPatientRecordTransferInteface" />
                <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" /> 
                <host>
                    <baseAddresses>
                        <add baseAddress="https://TN3.localnoah.net:8000/Noahbsintegserver" />  
                    </baseAddresses>
                </host>
            </service>


        </services>

        <client>
             <!-- HTTPS endpoint used by Noah server to connect to backend system  -->
            <endpoint address="https://tn3.localnoah.net:8001/NoahBSOtherEnd" binding="basicHttpBinding"
                bindingConfiguration="HTTPSBackend"
                contract="NoahBusinessSystemSide.INoahBusinessIntegrationWebOtherSideInterface"
                name="BasicHttpBinding_INoahBusinessIntegrationWebOtherSideInterface" />

        </client>
    </system.serviceModel>
</configuration>

7.) Reboot the PC or restart the NoahServer Service. The setup is complete.

How to Test

1.) Use the below links (with the address updated to your situation). If successful then XML text will be displayed. If not successful try the URL address with HTTP only. If a response is received then the connection has not be configured correctly to be secure.

Using a standard web browser navigate to the following URL

2.) Another way to test is to use the HIMSA Sample Backend Simulator(BES). Please see “How to test” under the NOAHBSPatientRecordTransferIntegServer Endpoint section. The HIMSA Sample BES’s NoahBSOtherEnd.exe.config must be updated for these test steps to work.

Download for HIMSA Sample BES https://www.himsa.com/members-2/web-service-integration-website/

Business System Setup (Backend)

Prerequisites port 8001

  • The SSL Certificate must be installed

Bind the SSL Certificate to port 8001, See appendix A for more details.

netsh http add sslcert ipport=0.0.0.0:<port> certhash=<your certificate thumprint> appid=<Your app id>
example
netsh http add sslcert ipport=0.0.0.0:8001 certhash=f343cd172f6a250047cd26bdf0ffc4eac52ae3dc appid={cb66b486-c664-4219-bc74-491664b6f084}

To confirm binding run

netsh http show sslcert ipport=0.0.0.0:8001

Below is the configuration file NoahBSOtherEnd.exe.config that is used by the Noah 4 Business System Integration Backend Simulator that HIMSA provides as part of the WSI SDK.

By default, the configuration file is set up so that HTTP communication is used. If you have requirements for HTTPS then you must:

  • remove the comment for lines 170-180

  • comment out the http service section 153-163

  • Depending on your requirements review current DNS names for the following entries:

a.) Line 128

<endpoint address="<https://<DNS> of Noah Server>:8000/Noahbsintegserver" binding="basicHttpBinding"

Example: <endpoint address="https://tn3.localnoah.net:8000/Noahbsintegserver" binding="basicHttpBinding"

b.) Line 138

<endpoint address="<https://<DNS>> of Noah Server>/NOAHBSPatientRecordTransferIntegServer"

Example: <endpoint address="https://tn3.localnoah.net:8081/NOAHBSPatientRecordTransferIntegServer"

c.) 176

<add baseAddress="https://<DNS> of Noah Server>:8001/NoahBSOtherEnd"/>

Example: <add baseAddress="https://tn3.localnoah.net:8001/NoahBSOtherEnd"/>

<configuration>
    <configSections>
        <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler, log4net, Version=1.2.10.0, Culture=neutral, PublicKeyToken=53d06f3c4ff49355" />
    </configSections>
    <appSettings>
        <add key="ClientSettingsProvider.ServiceUri" value="" />
        <add key="NoahClientPluginURL" value="http://localhost:8080/NoahWebIntegrationGUIStart"  />
    </appSettings>
    <log4net debug="false">
        <appender name="TraceAppender" type="log4net.Appender.TraceAppender">
            <layout type="log4net.Layout.SimpleLayout" />
        </appender>
        <appender name="RollingLogFileAppender" type="log4net.Appender.RollingFileAppender">
            <file type="log4net.Util.PatternString">
                <converter>
                    <name value="SpecialFolder" />
                    <type value="log4net.NoahExtentions.SpecialFolderPatternConverter" />
                </converter>
                <conversionPattern value="%SpecialFolder{CommonApplicationData}\Himsa\Noah\Logs\NoahBusinessSystemWebBackEndSimulator.log" />
            </file>
            <lockingModel type="log4net.Appender.FileAppender+MinimalLock" />
            <param name="AppendToFile" value="true" />
            <rollingStyle value="Size" />
            <maxSizeRollBackups value="2" />
            <maximumFileSize value="10MB" />
            <staticLogFileName value="true" />
            <layout type="log4net.Layout.PatternLayout">
                <param name="ConversionPattern" value="%utcdate{ISO8601} %-6level [%t]: %message%newline" />
            </layout>
        </appender>
        <root>
            <level value="DEBUG" />
            <appender-ref ref="TraceAppender" />
            <appender-ref ref="RollingLogFileAppender" />
        </root>
    </log4net>

    <system.serviceModel>

        <behaviors>
          <serviceBehaviors>
            <behavior name="NoahBSOtherEndBehavior">
              <serviceMetadata httpGetEnabled="true" httpGetUrl=""/>
              <serviceDebug includeExceptionDetailInFaults="true"/>
            </behavior>

            <behavior name="HTTPS_NoahBSOtherEndBehavior">
              <serviceMetadata httpsGetEnabled="true"/>
              <serviceDebug includeExceptionDetailInFaults="true"/>
            </behavior>

          </serviceBehaviors>

        </behaviors>

        <bindings>
            <basicHttpBinding>

              <!-- HTTP: The endpoint that Noah server is listening on -->
              <binding name="BasicHttpBinding_INoahBusinessIntegrationWebInterface"
                       closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00"
                       sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false"
                       hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="5242880"
                       maxBufferSize="1000000" maxReceivedMessageSize="1000000" textEncoding="utf-8"
                       transferMode="Buffered" useDefaultWebProxy="true" messageEncoding="Text">
                <readerQuotas maxDepth="32" maxStringContentLength="1000000"
                              maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
                <security mode="None" />
              </binding>


              <!-- HTTP: Service binding i.e. the end point that NoahBSOtherEnd is listening on-->
              <binding name="BasicHttpBinding_INoahBusinessIntegrationWebOtherSideInterface"
                       closeTimeout="00:10:00" openTimeout="00:10:00" receiveTimeout="00:10:00"
                       sendTimeout="00:10:00" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
                       maxBufferPoolSize="5242880" maxBufferSize="1000000" maxReceivedMessageSize="1000000"
                       textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true"
                       messageEncoding="Text">
                <readerQuotas maxStringContentLength="1000000" />
                <security mode="None" />
              </binding>



              <!-- HTTPS: The endpoint that Noah server is listening on -->
                <binding name="HTTPS_BasicHttpBinding_INoahBusinessIntegrationWebInterface" sendTimeout="00:05:00" maxBufferSize="10485760" maxBufferPoolSize="10485760" maxReceivedMessageSize="10485760">
                  <readerQuotas maxStringContentLength="10485760" />
                  <security mode="Transport">
                    <transport clientCredentialType="None"/>
                  </security>
                </binding>
                
                <!-- HTTPS: Service binding i.e. the end point that NoahBSOtherEnd is listening on-->
                <binding name="HTTPS_BasicHttpBinding_INoahBusinessIntegrationWebOtherSideInterface"
                         closeTimeout="00:10:00" openTimeout="00:10:00" receiveTimeout="00:10:00"
                         sendTimeout="00:10:00" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
                         maxBufferPoolSize="5242880" maxBufferSize="1000000" maxReceivedMessageSize="1000000"
                         textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true"
                         messageEncoding="Text">
                  <readerQuotas maxStringContentLength="1000000" />
                  <security mode="Transport">
                    <transport clientCredentialType="None"/>
                  </security>
                </binding>

              <!-- Patient Transfer -->
              <binding name="BasicHttpBinding_INoahBusinessPatientRecordTransferInteface" maxReceivedMessageSize="67108864" transferMode="Streamed">
                 <readerQuotas maxArrayLength="1000000000" />
              </binding>

              <binding name="HTTPS_BasicHttpBinding_INoahBusinessPatientRecordTransferInteface" maxReceivedMessageSize="67108864" transferMode="Streamed">
                <readerQuotas maxArrayLength="1000000000" />
                <security mode="Transport">
                  <transport clientCredentialType="None"/>
                </security>
              </binding>


            </basicHttpBinding>
        </bindings>

      <client>
        <endpoint address="http://localhost:8000/Noahbsintegserver" binding="basicHttpBinding"
                  bindingConfiguration="BasicHttpBinding_INoahBusinessIntegrationWebInterface"
                  contract="NoahBSWeb.INoahBusinessIntegrationWebInterface" name="BasicHttpBinding_INoahBusinessIntegrationWebInterface" />


        <endpoint address="https://tn3.localnoah.net:8000/Noahbsintegserver" binding="basicHttpBinding"
                  bindingConfiguration="HTTPS_BasicHttpBinding_INoahBusinessIntegrationWebInterface"
                  contract="NoahBSWeb.INoahBusinessIntegrationWebInterface" name="HTTPS_BasicHttpBinding_INoahBusinessIntegrationWebInterface" />

        <!-- Patient Transfer -->
        <endpoint address="http://localhost:8081/NOAHBSPatientRecordTransferIntegServer"
                  binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_INoahBusinessPatientRecordTransferInteface"
                  contract="NOAHBSPatientRecordTransferIntegServer.INoahBusinessPatientRecordTransferInteface"
                  name="BasicHttpBinding_INoahBusinessPatientRecordTransferInteface" />

        <endpoint address="https://tn3.localnoah.net:8081/NOAHBSPatientRecordTransferIntegServer"
                  binding="basicHttpBinding" bindingConfiguration="HTTPS_BasicHttpBinding_INoahBusinessPatientRecordTransferInteface"
                  contract="NOAHBSPatientRecordTransferIntegServer.INoahBusinessPatientRecordTransferInteface"
                  name="HTTPS_BasicHttpBinding_INoahBusinessPatientRecordTransferInteface" />



      </client>

      <!-- 
             IMPORTANT: Only one of the below service configurations must be enabled
      -->

      <!-- HTTP endpoint definitions

        <services>
         <service behaviorConfiguration="NoahBSOtherEndBehavior" name="NoahBSOtherEnd.NOAHBSWebOtherSide">
            <endpoint address="" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_INoahBusinessIntegrationWebOtherSideInterface" contract="NoahBSOtherEnd.INoahBusinessIntegrationWebOtherSideInterface"/>
            <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
            <host>
              <baseAddresses>
                <add baseAddress="http://localhost:8001/NoahBSOtherEnd"/>
              </baseAddresses>
            </host>
          </service>
        </services> -->
                  

      <!-- end HTTP endpoint definitions -->

      <!-- HTTPS endpoint definitions -->

        <services>
            <service behaviorConfiguration="HTTPS_NoahBSOtherEndBehavior" name="NoahBSOtherEnd.NOAHBSWebOtherSide">
               <endpoint address="" binding="basicHttpBinding" bindingConfiguration="HTTPS_BasicHttpBinding_INoahBusinessIntegrationWebOtherSideInterface" contract="NoahBSOtherEnd.INoahBusinessIntegrationWebOtherSideInterface"/>
              <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" /> 
                <host>
                    <baseAddresses>
                        <add baseAddress="https://tn3.localnoah.net:8001/NoahBSOtherEnd"/> 
                    </baseAddresses>
                </host>
            </service>
        </services>

      <!-- End HTTPS endpoint definitions -->



    </system.serviceModel>
    <startup>
        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6"/>
    </startup>
</configuration>

NOAHBSPatientRecordTransferIntegServer Endpoint

Not yet Documented

How to Test

Below are test steps on how to verify that WSI was correctly configured to use HTTPS. The test steps will require the HIMSA Sample BES.

*NOTE: The steps above to update the NoahBSOtherEnd.exe.config must have been completed to preform these test steps.

1.) Launch the HIMSA Sample BES with the -C parameter.

a.) An easy way to do this is create a shortcut for the NoahBESOtherEnd.exe. Add “ -C” to the end of the target. The -C parameter must be added for the HIMSA Sample BES to run as https.

Example: I download and extracted the Sample BES zip in my downloads directory. So the path of the Target with the added “ -C” is below.

C:\Users\JohnSmith\Downloads\SampleBackEndSystem_Dec2022\NoahBSOtherEnd.exe -C

2.) Now launch the HIMSA Sample BES by selecting the new shortcut you created with the “ -C” parameter.

3.) Now launch Noah System

4.) In Noah System create a new patient record and save it. Close Noah System.

5.) Switch to the Sample BES. It could take 10 to 20 seconds but the patient record should appear in the Sample BES.

6.) Right Click on the import data entry on the Sample BES. Select “Copy XML to clipboard.”

7.) Open Notepad and paste the XML into Notepad.

8.) Now update the xml. Change the first name and the last name. Change the BESPID.

9.) Copy the updated XML.

10.) On the Sample BES select the “Export 2 Noah” button. Paste in the updated XML and select OK.

11.) Open Noah System.

12.) Verify the New patient record you created in step 8 appears in the Noah Patient List.

13.) Select this new patient so that it is the active patient record in Noah System.

14.) Launch the Noah 4 Audiogram Module, create a new audiogram and save it.

15.) Close Noah System.

16.) Switch to the Sample BES, the “import” of the audiogram data will appear.

17.) Right Click on the import data entry on the Sample BES. Select “Copy XML to clipboard.”

18.) Open Notepad and paste the XML into Notepad.

19.) In the XML find one of the Audiogram curves and update a point or two.

20.) Copy the updated XML.

21.) On the Sample BES select the “Export 2 Noah” button. Paste in the updated XML and select OK.

22.) Open Noah System.

23.) Verify the audiogram you create in the sample BES appears in your patient record. The Action description will say “Business System.”

24.) Finally open up the Noah 4 Audiogram module on this audiogram action. You will see the updated points you changed in step 19.

Another way to test is to use the links below (with the address updated to your situation). If successful then XML text will be displayed.

make sure desired ports are in use. For example, if you want Noah to communicated (send data) to your business system then run a command line of net stat -a (on that device) to make sure that port 8000 is in use.

Appendix A: Binding a Certificate to a Port

It is assumed that the certificate is in the Windows certificate store (search for “mmc certificates import” in order to import a certificate).

Double click on the certificate, choose the “Details” tab, choose “show <all>”, scroll to thumbprint. Copy the thumbprint to e.g. the clipboard or a file.

Bind certificate to port:

netsh http add sslcert ipport=0.0.0.0:<port> certhash=<thumbprint> appid={<guid>}

Example:

netsh http add sslcert ipport=0.0.0.0:8000 certhash=9D7658BDA1D83CDFD19A13F1C96BEE702D2DFD29 appid={5bedc817-1842-4a66-b0e1-380d564c2271}

The thumbprint is the one copied from the certificate. Appid is a GUID (online GUID generators are available on the internet). The Appdi can be any ID, Noah is not looking for a specific AppID

Delete certificate port binding:

netsh http delete sslcert ipport=0.0.0.0:<port>

example
netsh http delete sslcert ipport=0.0.0.0:8000

To show certificate on port:

netsh http show sslcert ipport=0.0.0.0:8000

To show certificates on all ports

netsh http show sslcert

Show all namespaces

netsh http show urlacl url=https://+:8000/

Display Port reservations:

netsh http show urlacl

Commands that are nice to know when working with port binding (run a command prompt as administrator):

  • No labels