Mirth (NextGen) Connect Bits #5: Adding SSL Certificate To Resolve HTTPS Sender Issues

One common issue with Mirth (NextGen) Connect is calling 3rd party API via HTTPS, unfortunately, there’s a chance that you’ll get an error like the one below. To resolve this, you need to add the web API’s SSL certificate in your Java KeyStore for Mirth to use.

mirth ssl error

There are a couple of ways on how to resolve this.

Using KeyStore Explorer

On my end, I’ll be using KeyStore Explorer which is a free and open-source application that allows you to manage your certificates with a friendly GUI. I previously use Portecle but it hasn’t been updated.

Step 1:

Download and install KeyStore Explorer

Step 2:

Get the CA Certificate of the 3rd party API you want to connect to or call to. This will be imported to the Java Keystore. You can get it directly from the website API’s lock icon in the web browser.

mirth connect ssl export

Click on the “Copy to File…” button.

certificate window

The Certificate Export Wizard will show up.

certificate export wizard

You can try both the two .CER format. But the first one should work already.

export file format

Choose the file path and file name where to export.

export file location name

Hit “Finish” to complete the process.

Take note of the file location. This is the certificate file that will be imported in the Java KeyStore.

Step 3:

Open the Application, make sure to open it as an admin or root access.

keystore explorer

Step 4:

Check if your default CA Certificate KeyStore is pointed to your Java path. You can find it under Toos->Preferences.

keystore explorer preferences

Here’s the “Preferences” window. You should see the default path where the Java CA KeyStore is.

Step 5:

Got back to the main page of the application and click the icon of the “Open the CA Certificates KeyStore”. If you are prompted with a password, the default is “changeit“.

This will show the list of certificates including their statuses, expiry date, etc… You can import a trusted certificate by hitting the icon shown below.

add ssl in java keystore

Find your file and set an alias. Make sure to hit the “Save” button.

add ssl in java ca keystore

Restart the Mirth (Nextgen) Connect service and try out the API calls.

For more Mirth Connect related blog posts, check out the Mirth (NextGen) Bits tag or Health IT page. Feel free to leave a comment or feedback.

Add a Comment

Your email address will not be published. Required fields are marked *