Pulling/pushing HL7 from/to a API

Question

Question

#API #Business Operation #Business Service #Encryption #HL7 #SSL #Ensemble #HealthShare #InterSystems IRIS for Health

Hello,
I am currently facing the task of retrieving or sending HL7 messages from a web API. Since we only send HL7 messages via internal sockets, web APIs are relatively new to me.
The following is my plan for the new interface:
I have created a new custom business service that periodically sends requests to a business process. In this business process, the HTTP request (HTTP.GenericMessage) is then created from scratch. The special feature is the "Authorisation" header field, where a signature is inserted, which consists of a base64-encoded hash value. The request is then sent to the API via a business operation (EnsLib.HTTP.GenericOperation). The whole thing is also secured via TLS.
If you remove the TLS encryption, I even get a response from the API (a negative one). As soon as I add a SSL/TLS configuration, I get the following error message:

Have I made any major mistakes? What could I improve and what does this error message mean?

Regards

Robert

Product version: HealthShare 2024.1

$ZV: IRIS for UNIX (Red Hat Enterprise Linux 9 for x86-64) 2024.1.1 (Build 347_0_23677U) Tue Oct 1 2024 12:58:37 EDT

Discussion (4)3

Log in or sign up to continue

Robert Hildebrand · 18 hr ago

Thank you for your suggestions. I found the error:

We are using a web proxy. Of course, I had already entered the proxy correctly. However, I also had to enable the ProxyHttpTunnel option.

1 0

score 0 · Answer 1 · 2025-10-30T12:02:31-04:00

To retrieve or send HL7 messages via web APIs, you can create a production that utilizes various InterSystems IRIS components. Here are the relevant steps and considerations:

Create a Custom Business Service:
To periodically send requests to a business process, you can implement a business service using EnsLib.HTTP.GenericOperation. This business service interacts with APIs by sending HTTP requests. The following can be used as a foundation:
- Configure SSL/TLS settings for secure communication by creating a new SSL configuration if the API requires encrypted communication [1][2][3].
- Set up headers in your HTTP request, such as the "Authorization" field for specific API requirements. You may use EnsLib.HTTP.OutboundAdapter or %Net.HttpRequest for detailed control over request construction [4][1].
Secure TLS Communication:
To overcome SSL/TLS errors, verify the correct configuration and communication:
- Create the required SSL/TLS configuration settings, including specifying cipher suites, certificate files, and other attributes. Make sure the chosen configuration matches the API's requirements for compatibility [5][6][4].
- Test SSL/TLS connectivity via InterSystems tools, such as %Net.HttpRequest. Review the return headers and debugging logs for errors related to SSL errors [3][1].
Handling Large and HL7-Specific Messages:
- Ensure your configuration and object handling supports large HTTP payloads by configuring settings like message content preview limits [2][7].
- If you need specialized handling for HL7 messages, consider converting them from ER7 to XML or JSON using specific tools that InterSystems provides [8][2][9].
Integration with REST APIs:
Setting up operations for pushing or pulling HL7 messages via REST:
- Use EnsLib.REST.Operation or %Net.HttpRequest for outgoing REST API calls.
- Include the relevant authentication, configuration headers, and body formats (e.g., JSON) to meet API specifications.
- Debug requests using tools like Fiddler or logging configurations [2][1].
Common Challenges:
- Issues with SSL/TLS configurations, improper headers setup, unauthorized HTTP requests, or incorrect payload formatting often lead to errors like TLS protocol mismatches or bad request messages from APIs [3][6].

If you encounter specific error messages or behaviors that remain unresolved, such as "SSL configuration issues with EnsLib.HTTP.GenericOperation," analyze returned debug logs thoroughly and adjust configurations accordingly [7][3][6]. For further reference examples on creating productions or detailed implementations, visit resources provided in InterSystems documentation and GitHub repos [1][2][10][11][5].

Sources:

1.POST HL7 Message to REST API Endpoint

2.Parse HL7 Content from JSON Request into EnsLib.HL7.Message Object

3.SSL/TLS error return from SSL_read()

4.Bearer Token Authorization issue with RESTFul API from Ensemble REST Operation EnsLib.REST.Operation

5.REST API outputs SSL Configuration error‽

6.How to force HTTP status response using EnsLib.REST.Service

7.Inconsistent presentation of message type when using REST service with large message body

8.Convert HL7 to XML

9.What is iris-hl7?

10.HL7 v.2.x in XML format

11.InterSystems Developer Community May 2022 Digest

score 0 · Answer 2 · 2025-10-30T12:39:25-04:00

My instinct is that this <WRITE> error is just indicating that there's some issue with the TLS communication. Can you confirm using another method that the certificate(s) are appropriate?

What is the error from the API when unsecured? Is there a test version of the API you can test without TLS?

score 0 · Answer 3 · 2025-10-30T13:29:41-04:00

By the look of the stack trace, I think the adapter is trying to write request but it fails. Check the SSLConfiguration setting of the operation, it should be the name of an existing, valid, TLS configuration.