The TCP Server communication point listens for connections on the port specified by the Local Port property. It can be bound to a specific interface (Ethernet card) by supplying the hostname/IP address bound to that interface in the Local Address property. The Listen Backlog property is used to specify the number of connections that can be waiting in the accept queue before new connections are actively refused.
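What waiting in the accept queue looks like from the client side, as an added example (not Rhapsody code): a loopback listener that never calls accept() stands in for a server whose connections are all in use. The function name, payload and timeouts are assumptions made for the demonstration.

```python
import socket

PAYLOAD = b"constructed test message"  # constructed sample data

def probe_unaccepted_listener(backlog=1):
    """Connect and send to a listener that never accepts the connection."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))      # ephemeral loopback port
    listener.listen(backlog)             # connections queue here, unaccepted
    port = listener.getsockname()[1]

    client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    client.settimeout(2.0)
    result = {"connected": False, "bytes_sent": 0, "answered": False}
    try:
        # The kernel completes the three-way handshake on the server's
        # behalf, so connect() succeeds although nothing accepted it.
        client.connect(("127.0.0.1", port))
        result["connected"] = True
        # The kernel also buffers the data, so send() reports success.
        result["bytes_sent"] = client.send(PAYLOAD)
        # Only the absence of an application-level reply shows the problem.
        client.settimeout(0.5)
        try:
            client.recv(1)
            result["answered"] = True
        except socket.timeout:
            result["answered"] = False
    finally:
        client.close()
        listener.close()
    return result

if __name__ == "__main__":
    print(probe_unaccepted_listener())
```

A sender that treats a successful connect and send as delivery will not notice a queued connection; an acknowledgement with a timeout does.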

Messages on a TCP stream must be wrapped with a header and/or trailer because TCP has no way of knowing when a message starts or ends. The input and output Wrapper, Header, Trailer, and Endian-ness properties are used to configure the message wrapping.
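To show why the wrapping is needed, here is an added example (not Rhapsody's implementation) of a stream decoder for the HL7 minimal LLP wrapper: header byte 0x0B, trailer bytes 0x1C 0x0D. The class name and the max_message limit are assumptions; the limit bounds memory when a trailer never arrives.

```python
SB, EB_CR = b"\x0b", b"\x1c\x0d"   # minimal LLP header and trailer

def wrap(message: bytes) -> bytes:
    """Wrap one message the way the sending side would."""
    return SB + message + EB_CR

class MinimalLLPDecoder:
    """Reassembles wrapped messages from arbitrary TCP read chunks."""

    def __init__(self, max_message=1_000_000):
        self.buf = bytearray()
        self.max_message = max_message
        self.discarded = 0           # bytes seen outside any wrapper

    def feed(self, chunk: bytes) -> list:
        self.buf += chunk
        messages = []
        while True:
            start = self.buf.find(SB)
            if start < 0:            # no header yet: nothing here is a message
                self.discarded += len(self.buf)
                self.buf.clear()
                break
            self.discarded += start  # drop bytes preceding the header
            del self.buf[:start]
            end = self.buf.find(EB_CR, 1)
            if end < 0:              # trailer not received yet
                if len(self.buf) > self.max_message:
                    raise ValueError("no trailer within max_message bytes")
                break
            messages.append(bytes(self.buf[1:end]))  # wrapping stripped
            del self.buf[:end + len(EB_CR)]
        return messages

def demo():
    # Constructed sample messages; the split falls inside the trailer.
    m1, m2 = b"MSH|^~\\&|A\rPID|1\r", b"MSH|^~\\&|B\r"
    stream = b"junk" + wrap(m1) + wrap(m2)
    cut = 4 + len(wrap(m1)) - 1
    dec = MinimalLLPDecoder()
    first = dec.feed(stream[:cut])
    second = dec.feed(stream[cut:])
    return first, second, dec.discarded

if __name__ == "__main__":
    print(demo())
```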

Supported Operational Modes: All.

To make this server communication point more tolerant of connection failures from clients or misconfigured clients, we recommend that its connection retry count be set to infinite. Refer to Connection Retries for details.

Input Mode Properties

Property

Description

Local Port

The port number to bind the local socket to.

Local Address

The hostname or IP address of the local interface to which to bind the socket connection (all interfaces if empty).

Listen Backlog

The maximum number of connections that the OS kernel queues for the underlying TCP socket. TCP connections that have been established by completing a three-way TCP handshake are held in this queue until a Rhapsody server communication point accepts them.

A Rhapsody communication point can only accept a number of connections equal to its maximum configured connections. Any additional connections will remain on the kernel queue and will not be processed by Rhapsody – client applications will be unaware that their connection is not being processed and may continue to send data. As such, it is imperative that Rhapsody TCP server communication points have the number of connections configured to adequately service all client connections. The listen backlog parameter is only intended to serve as a temporary queue for client connections prior to being accepted by the server communication point.

The specified backlog parameter must be a positive number greater than 0 (zero).

Use SSL

Whether to use SSL:

  • Enabled - secure socket layer is used for this connection and all messages are encrypted.
  • False (default).

It is strongly recommended that SSL be enabled for TCP Server communication points. Refer to TLS/SSL Support in Rhapsody for details.

SSL Protocol Mode

Refer to SSL Protocol Versions for details.

SSL Cipher Suites

Refer to SSL Cipher Suites for details.

Use SSL Client Mode

Whether to use SSL client mode:

  • Enabled - SSL client mode is enabled (in other words, this communication point acts as the SSL client and sends the ClientHello packet to initiate the SSL negotiation). In most cases, the TCP client is also the SSL client and the TCP server is the SSL server.
  • False (default).

Note that enabling SSL client mode is not the same as enabling client authentication: TLS client authentication is enabled by configuring one or more trusted certificates for the connection. The Secure Keys property configures the private key that each client-server side uses to authenticate itself to the other side; the Trusted Certificates property configures how each client-server side authenticates the other side.

Secure Keys

The list of private keys to choose from when selecting a private key to use in the communication with the client. If the Secure Keys configuration property is not configured with the SSL server's private key, then this SSL server operates in anonymous server authentication mode, and so enables the appropriate anonymous cipher suites. However, it is highly recommended that the server's private key always be provided here to allow server authentication to be performed. If the server does not have a private key, then one can be generated from Rhapsody's certificate manager.

Refer to Server Authentication for details.

Trusted Certificates

Identifies the trusted certificates used at the non-Rhapsody end of the SSL connection. If it is configured with one or more certificates, then the SSL server requires client authentication as part of the SSL protocol negotiation, and will reject clients that do not present either the configured certificate, or a certificate directly or indirectly issued by the configured certificate. It is highly recommended that client authentication be enabled whenever possible.

Refer to Client Authentication for details.

Stale Connection Recovery

Whether Stale Connection Recovery is enabled:

This configuration property only takes effect if the Number of Connections for this communication point is set to 1.

Stale Connection Timeout

The idle timeout in seconds after which a connection is regarded as stale and so replaceable if a new connection is established.

Log Connections

Whether to log connections and disconnections:

  • Enabled - establishing and dropping of all connections to the communication point are logged to the log file specified in the Connection Log File field. Use of this logging facility slows down the communication point considerably. It is intended for debugging purposes and should not generally be used.
  • False (default).

Log Data

Whether to log data:

  • Enabled - all data passed over the connections of the communication point is logged to the log file. This is potentially a large amount of data.
  • False (default).

Log Data As Hex

Whether to log data in hexadecimal form:

  • Enabled - the hexadecimal representation of the data is logged to the log file.
  • False (default) - the data is logged exactly as it is as it passes over the communication point connection.

Connection Log File

The full file name (path and file name) of the file on the server to which to log the information.

Extra Information

Whether to include extra information:

  • None.
  • Log Time (default) - the timestamps are logged with each event.

Incoming Wrapper

Message wrapping around messages received over the socket connection.

  • Minimal (default) - HL7 minimal LLP protocol.
  • User - user-defined header and/or trailer.
  • Hybrid - HL7 hybrid LLP protocol.
  • None - no header and trailer.

Refer to Wrapper Options for details.

Strip Wrapping

Whether or not to strip the wrapping off received messages:

  • Enabled (default).
  • False.

Refer to Strip Wrapping for details.

Incoming Header

This property defines the header that identifies the start of a message on the socket connection.

Only available when the Incoming Wrapper property is set to User.

Incoming Trailer

This property defines the trailer that identifies the end of a message on the socket connection.

Only available when the Incoming Wrapper property is set to User.

Incoming Endian-ness

Determines the incoming endian-ness:

  • Big (default) - big-endian order (most significant byte first).
  • Little - little-endian order (least significant byte first).

Only available when the Incoming Wrapper property is set to User. Certain codes used in the header and trailer definitions can output binary data.

In->Out Timeout Action

Determines the action to take when a timeout occurs while waiting for a response in In->Out mode. This property has no effect in any other mode.

  • Drop Connection - the connection is closed cleanly. The client can then reconnect if it wants to send another message.
  • Receive Next Message (default) - the connection is switched back to Input mode and the next incoming message is received.
  • Send Timeout Response - sends the statically-configured response for the In->Out timeout and then switches the connection back into Input mode so it can receive the next message.
  • Send Timeout Response and Drop Connection - sends the statically-configured response for the In->Out timeout and then cleanly closes the connection. The client can then reconnect if it wants to send another message.

In->Out Timeout Response

The static response to send if a timeout occurs while waiting for a response in In->Out mode. Click ... to select an auxiliary file containing the static response.

Output Mode Properties

Property

Description

Local Port

The port number to bind the local socket to.

Local Address

The hostname or IP address of the local interface to which to bind the socket connection (all interfaces if empty).

Listen Backlog

The maximum number of connections that the OS kernel queues for the underlying TCP socket. TCP connections that have been established by completing a three-way TCP handshake are held in this queue until a Rhapsody server communication point accepts them.

A Rhapsody communication point can only accept a number of connections equal to its maximum configured connections. Any additional connections will remain on the kernel queue and will not be processed by Rhapsody – client applications will be unaware that their connection is not being processed and may continue to send data. As such, it is imperative that Rhapsody TCP server communication points have the number of connections configured to adequately service all client connections. The listen backlog parameter is only intended to serve as a temporary queue for client connections prior to being accepted by the server communication point.

The specified backlog parameter must be a positive number greater than 0 (zero).

Use SSL

Whether to use SSL:

  • Enabled - secure socket layer is used for this connection and all messages are encrypted.
  • Disabled (default).

It is strongly recommended that SSL be enabled for TCP Server communication points. Refer to TLS/SSL Support in Rhapsody for details.

SSL Protocol Mode

Refer to SSL Protocol Versions for details.

SSL Cipher Suites

Refer to SSL Cipher Suites for details.

Use SSL Client Mode

Whether to use SSL client mode:

  • Enabled - SSL client mode is enabled (in other words, this communication point acts as the SSL client and sends the ClientHello packet to initiate the SSL negotiation). In most cases, the TCP client is also the SSL client and the TCP server is the SSL server.
  • Disabled (default).

Note that enabling SSL client mode is not the same as enabling client authentication: TLS client authentication is enabled by configuring one or more trusted certificates for the connection. The Secure Keys property configures the private key that each client-server side uses to authenticate itself to the other side; the Trusted Certificates property configures how each client-server side authenticates the other side.

Secure Keys

The list of private keys to choose from when selecting a private key to use in the communication with the client. If the Secure Keys configuration property is not configured with the SSL server's private key, then this SSL server operates in anonymous server authentication mode, and so enables the appropriate anonymous cipher suites. However, it is highly recommended that the server's private key always be provided here to allow server authentication to be performed. If the server does not have a private key, then one can be generated from Rhapsody's certificate manager.

Refer to Server Authentication for details.

Trusted Certificates

Identifies the trusted certificates used at the non-Rhapsody end of the SSL connection. If it is configured with one or more certificates, then the SSL server requires client authentication as part of the SSL protocol negotiation, and will reject clients that do not present either the configured certificate, or a certificate directly or indirectly issued by the configured certificate. It is highly recommended that client authentication be enabled whenever possible.

Refer to Client Authentication for details.

Stale Connection Recovery

Whether Stale Connection Recovery is enabled:

  • Enabled - the stale connection recovery mode is enabled. Refer to Stale Connection Recovery for details.
  • Disabled (default).

This configuration property only takes effect if the Number of Connections for this communication point is set to 1.

Stale Connection Timeout

The idle timeout in seconds after which a connection is regarded as stale and so replaceable if a new connection is established.

Log Connections

Whether to log connections and disconnections:

  • Enabled - establishing and dropping of all connections to the communication point are logged to the log file specified in the Connection Log File field. Use of this logging facility slows down the communication point considerably. It is intended for debugging purposes and should not generally be used.
  • Disabled (default).

Log Data

Whether to log data:

  • Enabled - all data passed over the connections of the communication point is logged to the log file. This is potentially a large amount of data.
  • Disabled (default).

Log Data As Hex

Whether to log data in hexadecimal form:

  • Enabled - the hexadecimal representation of the data is logged to the log file.
  • Disabled (default) - the data is logged exactly as it is as it passes over the communication point connection.

Connection Log File

The full file name (path and file name) of the file on the server to which to log the information.

Extra Information

Whether to include extra information:

  • None.
  • Log Time (default) - the timestamps are logged with each event.

Outgoing Wrapper

Message wrapping around messages sent over the socket connection.

  • Minimal (default) - HL7 minimal LLP protocol.
  • User - user-defined header and/or trailer.
  • Hybrid - HL7 hybrid LLP protocol.
  • None - no header and trailer.

Refer to Wrapper Options for details.

Outgoing Header

Defines the header that is written to the socket connection before each message.

Only available when the Outgoing Wrapper property is set to User. 

Outgoing Trailer

Defines the trailer that is written to the socket connection after each message.

Only available when the Outgoing Wrapper property is set to User. 

Outgoing Endian-ness

Determines the outgoing endian-ness:

  • Big (default) - big-endian order (most significant byte first).
  • Little - little-endian order (least significant byte first).

Only available when the Outgoing Wrapper property is set to User. Certain codes used in the header and trailer definitions can output binary data.

Outgoing TCP Packets

Determines whether to include the wrapper in the same TCP packet:

  • Include wrapper in the same TCP packet as message (default) - the header and trailer are included in the same TCP packet as the message.
  • Send outgoing message over multiple TCP packets - an outgoing message is always split into at least two TCP packets, which can on occasion assist in detecting broken TCP connections.

This option is only applied when the Outgoing Wrapper property is not set to None.

Bidirectional, In->Out and Out->In Mode

The configuration properties for the TCP Server communication point in Bidirectional, In->Out and Out->In modes are a combination of the properties described above.

Refer to Out->In and In->Out Properties for general details on a communication point's In->Out and Out->In modes.

Connection Monitoring

Refer to Connection Monitoring for details.

Published Properties

Multiple clients can connect to a single TCP Server communication point. After the TLS handshake, the TCP Server communication point sets the following message properties identifying which client sent the message:

  • IncomingSubjectFromCertificate - the Subject DN.
  • IncomingIssuerFromCertificate - the Issuer DN.
  • IncomingSerialNumberFromCertificate - the Issuer serial number (formatted as a decimal number).
  • IncomingSubjectKeyIdentifierFromCertificate - the hex-encoded subject key identifier (if that optional extension is present).