TLS-2-way connection from non-NHIN sites

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

TLS-2-way connection from non-NHIN sites

tech_support
Connect version 4.4.1, Glassfish v3

We have an issue with our ND gateway accepting certs with a Subject DN like CN=xyn,OU=CMS,O=HHS,C=US.

It should only be accepting certs including filtering by trust chain, and by the End Entity cert Subject DN of OU=NHIN. However this is not the case, please advise.
Reply | Threaded
Open this post in threaded view
|

Re: TLS-2-way connection from non-NHIN sites

Sovann Huynh
Administrator
This is a requirement that should be fulfilled at the time the certificate is created:

https://ehealthexchange.kayako.com/knowledgebase/article/View/7/0/the-sequoia-project-x509-certificate-faq

This is not a NwHIIN specification requirement that should be built into CONNECT:

http://sequoiaproject.org/wp-content/uploads/2014/11/nhin-authorization-framework-production-specification-v3.0.pdf
Sovann
CONNECT Product Team Member