Project addapted by: Tiago Rodrigues, 2022
This project results of an enhanced package supporting HTTPS of the original project, whose original credits are given to Rivet Health
Convert MLLP to HTTP(S) and vice versa.
http2mllp
is a HTTP server that translates to MLLP.
mllp2http
is a MLLP server that translates to HTTP.
https2mllp
is a HTTPS server that translates to MLLP.
mllp2https
is a MLLP server that translates to HTTPS.
Keywords: MLLP, HTTP, HTTPS, SSL/TLS, HL7
MLLP (Minimum Lower Layer Protocol) is the traditional session protocol for HL7 messages.
Many modern tools (load balancers, application frameworks, API monitoring) are designed around HTTP(S). This observation is the foundation for the HL7 over HTTP specification.
This project, MLLP/HTTP(S), bridges these two protocols, allowing network engineers and application developers to work with familiar HTTP(S) technology while interfacing with MLLP-based programs.
Implements MLLP release 1, HTTP/1.1, and SSL/TLS (optional). Each MLLP message is assumed to have a corresponding response message (e.g. HL7 acknoledgment).
Note that this project deals only with the MLLP layer; it does not process HL7 messages themselves. Notably, the HTTP participant must be able to intepret HL7 messages and generate acknowledgements. This separation imposes no requirements for HL7 usage and leaves application developers with full access to the features of the HL7 protocol.
By Pip
pip install mllp-https
On the project folder, run the command:
python setup.py install
http2mllp localhost
mllp2http http://localhost:8000
https2mllp localhost
mllp2https https://localhost:8000
To use https2mllp as a https server/listener, it is required to provide a valid path for SSL certificate file and private key file. In order to do that, both certificate and key files should be placed on a folder "C:/ssl/", such that the files' paths are "C:/ssl/certfile.crt" and "C:/ssl/keyfile.key". Otherwise, both paths should be passed as argument:
https2mllp localhost --mllp_port 2575 --certfile /PATH/TO/certfile.crt --keyfile /PATH/TO/keyfile.key
Pull from Docker Hub:
docker pull tiagoepr/mllp-https
or build from dockerfile:
docker build -t tiagoepr/mllp-https .
Run as:
docker run -it -p 8000:8000 --rm tiagoepr/mllp-https http2mllp host.docker.internal
docker run -it -p 2575:2575 --rm tiagoepr/mllp-https mllp2http http://host.docker.internal:8000
docker run -it -p 8000:8000 --rm tiagoepr/mllp-https https2mllp host.docker.internal (See note below about SSL certificate)
docker run -it -p 2575:2575 --rm tiagoepr/mllp-https mllp2https https://host.docker.internal:8000
To use https2mllp as a https server/listener, it is required to provide a valid path for SSL certificate file and private key file. In order to do that, both certificate and key files should be firstly copied onto the Docker container and then the respective paths given as argument.
To do that, with the container running, run the command on the host:
docker cp [LOCAL/PATH/TO/ssl] [container_id]:/usr/local/lib/python3.10/site-packages/mllp_http_https/ssl
where [LOCAL/PATH/TO/ssh] is the path for the folder containing the certfile.crt and keyfile.key and [container_id] should be replaced by the container ID which is running.
Now, on the container bash, run the command:
docker run -it -p 8000:8000 --rm tiagoepr/mllp-https https2mllp host.docker.internal --certfile /usr/local/lib/python3.7/site-packages/mllp_http_https/ssl/certfile.crt --keyfile /usr/local/lib/python3.7/site-packages/mllp_http_https/ssl/keyfile.key
usage: http2mllp [-h] [-H HOST] [-p PORT] [--keep-alive KEEP_ALIVE] [--log-level {error,warn,info}]
[--mllp-keep-alive MLLP_KEEP_ALIVE] [--mllp-max-messages MLLP_MAX_MESSAGES] [--mllp-release {1}]
[--timeout TIMEOUT] [--content-type CONTENT_TYPE] [-v] [--mllp_port MLLP_PORT]
mllp_url
HTTP server that proxies an MLLP client.
Expects an MLLP response message and uses it as the HTTP response.
positional arguments:
mllp_url MLLP URL, Defaulf: hostname
optional arguments:
-h, --help show this help message and exit
-H HOST, --host HOST HTTP host (default: 0.0.0.0)
-p PORT, --port PORT HTTP port (default: 8000)
--keep-alive KEEP_ALIVE
keep-alive in milliseconds, or unlimited if -1. (default: -1)
--log-level {error,warn,info}
--mllp-keep-alive MLLP_KEEP_ALIVE
keep-alive in milliseconds, or unlimited if -1. (default: -1)
--mllp-max-messages MLLP_MAX_MESSAGES
maximum number of messages per connection, or unlimited if -1. (default: -1)
--mllp-release {1} MLLP release version (default: 1)
--timeout TIMEOUT socket timeout, in milliseconds, or unlimited if 0. (default: 0)
--content-type CONTENT_TYPE
HTTP Content-Type header (default: x-application/hl7-v2+er7)
-v, --version show program's version number and exit
--mllp_port MLLP_PORT
MLLP PORT (default: 2575)
usage: mllp2https [-h] [-H HOST] [-p PORT] [--username USERNAME] [--password PASSWORD] [--content-type CONTENT_TYPE] [--log-level {error,warn,info}] [--log-file LOG_FILE] [--mllp-release {1}] [--timeout TIMEOUT] [--verify {False,True}]
[-v]
https_url
MLLP server that proxies an HTTPS client. Sends back the HTTPS response.
positional arguments:
https_url HTTPS URL
optional arguments:
-h, --help show this help message and exit
-H HOST, --host HOST MLLP host (default: 0.0.0.0)
-p PORT, --port PORT MLLP port (default: 2575)
--username USERNAME Username for HTTPS server authentication (Optional). If not provided, authentication will be skipped. (default: None)
--password PASSWORD User password for HTTPS server authentication (Optional). If not provided, authentication will be skipped. (default: None)
--content-type CONTENT_TYPE
HTTPS Content-Type header (default: application/hl7-v2; charset=utf-8)
--log-level {error,warn,info}
--log-file LOG_FILE Path to file where the logs will be placed. If not provided logging will be done on command window. (default: None)
--mllp-release {1} MLLP release version (default: 1)
--timeout TIMEOUT timeout in milliseconds (default: 0)
--verify {False,True}
Verify SSL certificate on server side. True as default (default: True)
-v, --version show program's version number and exit
environment variables:
HTTP_AUTHORIZATION - HTTP Authorization header
X-API-KEY - HTTP X-API-KEY header
usage: https2mllp [-h] [-H HOST] [-p PORT] [--username USERNAME] [--password PASSWORD] [--keep-alive KEEP_ALIVE] [--log-level {error,warn,info}] [--log-folder LOG_FOLDER] [--mllp-keep-alive MLLP_KEEP_ALIVE]
[--mllp-max-messages MLLP_MAX_MESSAGES] [--mllp-release {1}] [--timeout TIMEOUT] [--content-type CONTENT_TYPE] [--mllp_port MLLP_PORT] [--certfile CERTFILE] [--keyfile KEYFILE] [--mllp_parser {True,False}] [-v]
mllp_url
HTTPS server that proxies an MLLP client.
Expects an MLLP response message and uses it as the HTTPS response.
positional arguments:
mllp_url MLLP URL, Defaulf: hostname
optional arguments:
-h, --help show this help message and exit
--mllp_port MLLP_PORT
MLLP PORT (default: 2575)
-H HOST, --host HOST HTTPS host (default: 0.0.0.0)
-p PORT, --port PORT HTTPS port (default: 8000)
--username USERNAME Username for HTTPS server authentication (Optional). If not provided, authentication will be skipped unless the environment vartiable exists. (default: None)
--password PASSWORD User password for HTTPS server authentication (Optional). If not provided, authentication will be skipped unless the environment vartiable exists. (default: None)
--keep-alive KEEP_ALIVE
keep-alive in milliseconds, or unlimited if -1. (default: 0)
--log-level {error,warn,info}
--log-folder LOG_FOLDER Path to folder where the logs will be placed. If not provided logging will be done on command window. (default: None)
--mllp-keep-alive MLLP_KEEP_ALIVE
keep-alive in milliseconds, or unlimited if -1. (default: 10000)
--mllp-max-messages MLLP_MAX_MESSAGES
maximum number of messages per connection, or unlimited if -1. (default: -1)
--mllp-release {1} MLLP release version (default: 1)
--timeout TIMEOUT socket timeout, in milliseconds, or unlimited if 0. (default: 0)
--content-type CONTENT_TYPE
HTTPS Content-Type header (default: application/hl7-v2; charset=utf-8)
--certfile CERTFILE Path for HTTPS Server's SSL/TLS Certificate. (default: C:/ssl/certfile.crt)
--keyfile KEYFILE Path for HTTPS Server's SSL/TLS Private Key. (default: C:/ssl/keyfile.key)
--mllp_parser {True,False}
If False, the package will not parse the MLLP and will send an HTTPS POST with the MLLP encapsulating the HL7 message. If True, the HTTPS POST will only present the HL7 on the Body without MLLP characters
(default: True)
-v, --version Show program's version number and exit
usage: mllp2https [-h] [-H HOST] [-p PORT] [--username USERNAME] [--password PASSWORD] [--content-type CONTENT_TYPE] [--log-level {error,warn,info}] [--log-folder LOG_FOLDER] [--mllp-release {1}] [--timeout TIMEOUT] [--verify {False,True}]
[-v]
https_url
MLLP server that proxies an HTTPS client. Sends back the HTTPS response.
positional arguments:
https_url HTTPS URL
optional arguments:
-h, --help show this help message and exit
-H HOST, --host HOST MLLP host (default: 0.0.0.0)
-p PORT, --port PORT MLLP port (default: 2575)
--username USERNAME Username for HTTPS server authentication (Optional). If not provided, authentication will be skipped. (default: None)
--password PASSWORD User password for HTTPS server authentication (Optional). If not provided, authentication will be skipped. (default: None)
--content-type CONTENT_TYPE
HTTPS Content-Type header (default: application/hl7-v2; charset=utf-8)
--log-level {error,warn,info}
--log-folder LOG_FOLDER Path to folder where the logs will be placed. If not provided logging will be done on command window. (default: None)
--mllp-release {1} MLLP release version (default: 1)
--timeout TIMEOUT Timeout in milliseconds (default: 0)
--verify {False,True}
Verify SSL certificate on server side. Should be set to 'True', 'False' or to a path to a CA_BUNDLE file or directory with certificates of trusted Cas.
-v, --version show program's version number and exit
environment variables:
HTTPS_AUTHORIZATION - HTTPS Authorization header
X-API-KEY - HTTPS X-API-KEY header
Run an HTTP debugging server:
docker run -p 8000:80 --rm kennethreitz/httpbin
Run the MLLP connector:
mllp2http http://localhost:8000
Send an MLLP message:
printf '\x0bMESSAGE\x1c\x0d' | socat - TCP:localhost:2575
and see the HTTP server's response (which describes the HTTP request that the connector made):
{
"args": {},
"data": "MESSAGE",
"files": {},
"form": {},
"headers": {
"Accept": "*/*",
"Accept-Encoding": "gzip, deflate",
"Connection": "keep-alive",
"Content-Length": "7",
"Content-Type": "x-application/hl7-v2+er7",
"Forwarded": "by=127.0.0.1:2575;for=127.0.0.1:54572;proto=mllp",
"Host": "localhost:8000",
"User-Agent": "mllp2http/1.0.2"
},
"json": null,
"origin": "127.0.0.1:54572",
"url": "mllp://localhost:8000/post"
}
To install:
make install
Before committing, format:
make format