3.1.1 Upgrade Guide

Due to the recent POODLE vulnerability, we have disabled SSLv3 for all of our relevant connectors and connections that use SSL. In case you are connecting to some legacy systems that require SSLv3, it is possible to re-enable SSLv3. In your mirth.properties file, you will find the following two properties:

https.client.protocols = TLSv1.2,TLSv1.1,TLSv1
https.server.protocols = TLSv1.2,TLSv1.1,TLSv1,SSLv2Hello

If you need to use SSLv3, simply add "SSLv3" into the comma separated list for the client or server protocols and restart your server. These two properties also allow you to configure exactly which SSL protocols you wish to use. Similarly, if you need to add or remove cipher suites, you can update the https.ciphersuites property in the mirth.properties file.

Please note that if you are making https connections programmatically in JavaScript, you will still need to update your code accordingly in order to disable SSLv3.

When upgrading to Mirth Connect 3.1.1+ OR Java 8, some users have experienced issues connecting to the Mirth Connect Administrator or external SSL endpoints which previously worked fine. This is likely because some servers do not implement forward compatibility correctly and refuse to talk to TLS 1.1 or TLS 1.2 clients. TLSv1.2 and TLSv1.1 are enabled by default in Java 8. As such we have also decided to enabled them by default beginning with 3.1.1 regardless of Java version. If you experience these issues, you should first try disabling TLSv1.2 and TLSv1.1 by updating the https.client.protocols property and restarting the server

https.client.protocols = TLSv1

If you are still unable to connect to the Mirth Connect Administrator, you can try also disabling TLSv1.2 and TLSv1.1 on the server protocols. For security reasons, It is recommended to leave the default settings unless you are explicitly running into issues connecting to SSL endpoints.