Status | ACTIVE |
|---|---|
Last Updated | 7th February, 2025 |
Version | 3 |
This only applies to customers who are connecting to our Hl7 API over the Public Internet and not using HSCN.
Available endpoints on Port 443:
Deprecations
my.patientsknowbest.com:7443 is now deprecated.
Overview
The two available endpoints will only accepts ciphers that are deemed as RECOMMEDED and SECURE by the industry, if you are unable to support the below listed ciphers, please contact our support desk (email: help@patientsknowbest.com).
Better support clients in the clould
We offer mtls.hl7.uk.patientsknowbest.com to those customers who have moved to the cloud and can’t use static IPs when accessing our services. It is also our prefered setup for new customers.
Identity is still derived from client credentials and not the client certificate. mTLS in this scenario is only used to replace IP allow listing.
Security
Customers, who have
up-to-date client software tools that support the state of the art cipher suites,
have static IPs that we can allow-list and
can’t allocate budget to implement mTLS in short term
can move to no-mtls.hl7.uk.patientsknowbest.com.
Standard ports
Using standard ports (443) allows us to consolidate our server certificate management and fully automate the renewall process for all our endpoints.
Supported ciphers
Legend
supported
not-supported
Name (OpenSSL) | mtls | no-mtls | |
|---|---|---|---|
RECOMMENDED |
|
| |
RECOMMENDED |
|
| |
RECOMMENDED |
|
| |
RECOMMENDED |
|
| |
RECOMMENDED |
|
| |
RECOMMENDED |
|
| |
SECURE |
|
| |
SECURE |
|
| |
SECURE |
|
| |
WEAK |
|
| |
WEAK |
|
| |
WEAK |
|
| |
WEAK |
|
| |
WEAK |
|
| |
WEAK |
|
| |
WEAK |
|
| |
WEAK |
|
| |
WEAK |
|
| |
WEAK |
|
| |
WEAK |
|
| |
WEAK |
|
| |
WEAK |
|
| |
WEAK |
|
| |
WEAK |
|
| |
WEAK |
|
| |
WEAK |
|
| |
WEAK |
|
| |
WEAK |
|
| |
WEAK |
|
| |
WEAK |
|
| |
WEAK |
|
| |
WEAK |
|
| |
WEAK |
|
|