orthweb icon indicating copy to clipboard operation
orthweb copied to clipboard
verified publisher icon digihunch

instruction to turn off TLS for DICOM traffic

Open digihunch opened this issue 3 years ago • 1 comments

digihunch avatar Apr 14 '23 13:04 digihunch

there are requests to turn off TLS on Envoy.

  1. be wary of the consequence of not using TLS
  2. In envoy.yaml, replace string "dicomtls" with "dicom"
  3. comment out the following sections below the line "cluster: service-dicom"
       #transport_socket:
       #  name: envoy.transport_sockets.tls
       #  typed_config:
       #    "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext
       #    common_tls_context:
       #      tls_certificates:
       #      - certificate_chain: {"filename": "/etc/ssl/certs/site.pem"}
       #        private_key: {"filename": "/etc/ssl/certs/site.pem"}
       #      validation_context:
       #        allow_expired_certificate: true
       #        trusted_ca: {"filename": "/etc/ssl/certs/site.pem"}
       #    require_client_certificate: false

digihunch avatar Apr 15 '23 02:04 digihunch