Acessing FHIR Server using SLES Apache Server with WebGateway

Hello Community,

we're running an Iris installation on SLES 15.5 using the SLES Apache server and web gateway for hosting the management portal on Port 57772 (e.g. http://<host-name>:57772/csp/sys/%25CSP.Portal.Home.zen?$NAMESPACE=HL7TOFHIR) on the same machine. The Iris installation also provides a FHIR Server in a separate namespace which uses the base URL http://<host-name>:57772/fhir/r4 for connections.

The installation is locked down and the SLES Firewall is activated an configured to just allow connections on port 57772 and 1972. Apache currently listens to Port 57772 only. The installation folder of the web gateway is /opt/webgateway/ the instance is called qsfhir.

We're using an apache configuration which is included into the httpd.conf and a virtual host configuration as follows:

#### BEGIN-ApacheCSP-SECTION included by httpd.conf.local####
LoadModule csp_module_sa "/opt/webgateway/bin/CSPa24.so"
CSPModulePath "/opt/webgateway/bin/"
CSPConfigPath "/opt/webgateway/bin/"
Alias /csp/ "/opt/webgateway/qsfhir/csp/"
<Location /csp>
        CSP On
</Location>
<Location /fhir>
        CSP on
</Location>
#### END-ApacheCSP-SECTION ####

#### BEGIN-ApacheCSP-SECTION-QSFHIR ####
Alias /qsfhir/csp/ "/opt/webgateway/qsfhir/csp/"
#### END-ApacheCSP-SECTION-QSFHIR ####

#### iris57772.conf form vhosts.d ####
<VirtualHost *:57772>
    ServerAdmin <email-address>
    ServerName <host-name>
    ServerAlias <host-alias>
    DocumentRoot "/opt/webgateway/qsfhir/csp/"
    Alias /csp/ "/opt/webgateway/qsfhir/csp/"
    <Directory "/opt/webgateway/qsfhir/csp">
        AllowOverride None
        Options MultiViews FollowSymLinks ExecCGI
        Require all granted
        <FilesMatch "\.(log|ini|pid|exe)$">
            Require all denied
        </FilesMatch>
    </Directory>
    <Directory "/opt/webgateway/bin/">
        AllowOverride None
        Options None
        Require all granted
        <FilesMatch "\.(log|ini|pid|exe)$">
            Require all denied
        </FilesMatch>
    </Directory>
</VirtualHost>

This configuration allows us to define an independent default web-application on Port 80. This is a precondition to enable certificate creation with letsencrypt as the next step. With this configuration we are able to access the management portal and the communication between an internal namespace and the Fhir Client works without problems.

This means the FHIR server can be accessed from the iris installation, but we're facing the problem, that the FHIR server is not accessible from outside.

When I'm tracing requests on the webgateway management site, I observe local requests, which are answered like expected:

and I see the requests sent from the external Postman application which result in an 404 Not Found response:

It might be just an Alias missing, or an <Directory> configuration to be added to the apache configuration, but I tried almost everything that came into my mind without any success.

Any help or hint where to look for further information or what to try next is appreciated.

Thanks for your time and kind regards,

Martin