go to post Deepak Ghansala · Sep 9 Things might be on the same network, but on virtual machines spread across different data centers / physical servers, so definitely some level of HA for sure if you have more than one instance. You got to take and work with what's available. If in future, that client has network separation also available then you can increase your level of HA, but not having HA isn't right.
go to post Deepak Ghansala · Sep 5 Probably you can have your document limit listed in a lookup table to begin with, lets say Limit = 100 to begin with. Then within your business process, add an if-else section, where the test condition is to evaluate current time against the XXXX and YYYY times you have in mind. If the current time is within your XXXX and YYYY, plus the limit is > 0 from the lookup table, you send the document and decrease the lookup table value by 1. On the else condition, you just send the document without checking the limit value from the table, but update the lookup table again to your limit (100). The key here is accessing and updating the lookup table value from within your business process. Hope this makes sense.
go to post Deepak Ghansala · Apr 12 You can create a custom schema based on the current schema you have listed in your business service that reads the file. Once you have the custom schema, if its a specific ADT message you need the NTE segment on, then can create that message type from the base schema and edit the Doc Type Structure by putting ~[NTE] at the end of the raw structure.
go to post Deepak Ghansala · Apr 8 You need to configure an incoming webhook on the MS Team Channel and then post your alert to that endpoint from your production. Probably would have to do transformations between Ens.Alert to the JSON structure MS Team requires. https://learn.microsoft.com/en-us/microsoftteams/platform/webhooks-and-c... https://learn.microsoft.com/en-us/microsoftteams/platform/webhooks-and-c...
go to post Deepak Ghansala · Feb 22 Hi Heorhiy, Your error message talks about the TLS configuration with name "HTTPSCert" in use, however the screenshot lists TLS configuration name as "TSL". Can you check your operation is using this "TSL" config. Regards, Deepak
go to post Deepak Ghansala · Oct 16, 2023 Hi Scott, So rather than having one centralised location for webserver and web gateway, which could become your single point of failure, you install the webserver and web gateway alongside Healthconnect on the actual instances. And when you configure the individual web gateway, for telling it which instance of HealthConnect it needs to connect, just specify it as localhost and your superserver port on that instance. https://docs.intersystems.com/irislatest/csp/docbook/DocBook.UI.Page.cls... https://docs.intersystems.com/irislatest/csp/docbook/DocBook.UI.Page.cls... https://docs.intersystems.com/irislatest/csp/docbook/DocBook.UI.Page.cls... When you give the server access parameters, enter IP Address as localhost (127.0.0.1) and port as your superserver port of the instance and do not check "Configuration is Mirror Aware". Regards, Deepak
go to post Deepak Ghansala · Oct 12, 2023 Hi Scott, We are using IIS as our web server, the configuration is like this:- The mirrored instances are separate VMs, and in each VM we have IIS + web gateway installed (except the arbiter). Each web gateway is configured to talk to the local Health Connect instance, irrespective of it being primary, secondary or DR at any time. So, when have to access the primary, we go via the VIP URL -> the request lands on the IIS for the primary instance and that is passed on to the local Health Connect instance. This way we can connect to the management portal of each instance, irrespective of its state and we know if we are going via the VIP URL it will always land us on the primary instance. On the certificate side, one cert with CN as the VIP is loaded on the instances and the SANs are the instance names / IPs. Regards, Deepak
go to post Deepak Ghansala · Sep 4, 2023 You can additionally also try by entering "%OSCertificateStore" in field "File containing trusted Certificate Authority certificate(s)" of your TLS configuration.
go to post Deepak Ghansala · Sep 4, 2023 When you are connecting through Postman or terminal, it establishes the chain of trust using the public CAs stored in trusted certificate store on your machine, or the application. In IRIS you have to give the entire chain and not just the root certificate, if there is an Intermediate CA which is signing either your client or the server's cert, you can extract the entire chain using your browser as well or through openssl too.
go to post Deepak Ghansala · Jul 27, 2023 Hi Norman, Its available through the portal, System Operation ->Processes, then you check the Device column. In the device column, you would have something like this:- |TCP|33010|472 Here, 33010 is the TCP port and 472 is the job number. Regards, Deepak Ghansala
go to post Deepak Ghansala · Feb 21, 2023 IRIS works as a SFTP client:- 1) For doing GET (Business Service) with EnsLib.FTP.InboundAdapter 2) For doing PUT (Business Operation) with EnsLib.FTP.OutboundAdapter Option 1 If the external organisation has a SFTP server, then you can poll a directory on the SFTP server using the Business Service. Option 2 If the external organisation doesn't have a SFTP server, then probably you can set up your own and they can then drop their files to your server and from there you can read it using a business service with file inbound adapter
go to post Deepak Ghansala · Nov 24, 2022 Hi Warren, We also have a similar situation, this not limited to FTP adapter, it is there on Email and SQL adapter as well, where you don't get an option on the config to choose the local interface (VIP in this). I think the short term solution we have been suggested from Intersystems is to allow both your mirror member IP addresses through the firewall, yet to test it though how it will play out with NAT. Probably, Intersystems will come up with a solution maybe in next couple of months to support this configuration of local interface natively on the adapter classes. Thanks, Deepak Ghansala
go to post Deepak Ghansala · Nov 4, 2022 Good to know what is happening behind the scenes, great work guys @Eduard Lebedyuk @Regilo Regilio Guedes de Souza
go to post Deepak Ghansala · Oct 6, 2022 Refer to this documentation https://docs.intersystems.com/iris20201/csp/docbook/DocBook.UI.Page.cls?...
go to post Deepak Ghansala · Aug 5, 2022 I think IRIS uses Apache httpd as its webserver, so probably go through this first. https://community.intersystems.com/post/apache-httpd-web-server-configur... And this link to figure out how to enable https on a certain port in httpd https://www.ibm.com/docs/en/aspera-on-demand/3.9?topic=appendix-enable-s... Probably should also think around performance and scalability of httpd and raise a call with WRC for their opinion on this. Regards, Deepak Ghansala
go to post Deepak Ghansala · Feb 25, 2022 https://docs.intersystems.com/irislatest/csp/docbook/DocBook.UI.Page.cls....
go to post Deepak Ghansala · Jan 11, 2022 https://docs.intersystems.com/irislatest/csp/docbook/DocBook.UI.Page.cls... base/csp/app/web_serv.cls?WSDL
go to post Deepak Ghansala · Dec 3, 2021 Can you compare the certificate chain between your local system and the cache instance ? It could be possible your local instance trusts the root CA in the certificate chain but the server where cache instance is doesn't.