TTT-Installation

ttt (2)
Alan Viars

Transport Testing Tool Installation

This document describes how to get the Transport Testing Tool configured on
your own hardware or instance, either installing "from scratch" using the ttt.war
or using the VMWare image.

Overview:

  1. Assign DNS domain

    • Register domain
    • Establish MX records etc. in DNS environment
    • Update tk_props.txt configuration file
  2. SMTP server for sending validation reports

    • Validation report message format (local installation can have customized wording)
    • Direct (To) addresses for triggering CCDA validation
    • DNS domain where toolkit is installed
  3. Create and install encryption cert tied to this domain

    • Create and install trust anchor tied to this domain (or find existing trust anchor if this site is covered within its namespace)
    • Create and install signing cert tied to this domain
    • Configure Ubuntu Linux (under VMWare) with hostname/IP address taken from this DNS domain
    • Establish configuration for DNS servers

Firewall Configuration

Open the following inbound ports.

TCP Port (Service)  Source
22 (SSH)            0.0.0.0/0   
25 (SMTP)           0.0.0.0/0
8080 (HTTP*)        0.0.0.0/0

DNS Configuration

Set up a static IP and associate it with a domain name.

In this example, we will use the IP "123.123.123.123" and the hostname
"example.com".

Set up the A and CNAME records as shown below.

Type:           Source:             Destination:
-----------     ----------------    ---------------
A Record        *.example.com       123.123.123.123 
A Record        example.com         123.123.123.123 
CNAME Record    mail.example.com    example.com 
CNAME Record    smtp.example.com    example.com

Set up the MX (Mail) records as shown below.

Mail server:        Priority:
----------------    ---------
mail.example.com    20
smtp.example.com    10

Generating Certificates

See https://github.com/meaningfuluse/mu2/blob/master/transport/creating-direct-certificates-using-vmware.md

Installing using the VMWare Image:

The tool is packaged as a VMWare image and can be run using VMWare Player and
other VMWare tools.

The basic steps are as follows:

  1. Download the file http://ttt-files.s3.amazonaws.com/Ubuntu-64-bit-ttt-December-13-2012.zip
  2. Unzip the file "Ubuntu-64-bit-ttt-December-13-2012.zip" to a folder such as "ttt-vm".
  3. Download VMWare Player from http://www.vmware.com/products/player/
  4. Start VMWare Player.
  5. Press Ctrl-O to open a VMWare Image.
  6. Navigate to folder extracted in step 1 and select the file
    "Ubuntu-64-bit-ttt.vmx" and click "Open".
  7. When the VM is completely booted you will see a login prompt.
    The username is ubuntu and the password is homerlovesdonuts.
  8. Optional: At this point you may want to determine your IP with "ifconfig" and then access the computer via ssh.
  9. Upon boot, the ttt tomcat application will run on port 8080 and the SMTP listener will be running on port 25.
  10. Attach the VMWare Image to your host name. We will use "example.com". Since the tool is expected to send and receive data via SMTP, it is necessary to connect the server to an Internet accessible IP address and a host name registered in DNS. Consult a systems administrator to help configure the IP, DNS, and firewall settings for your site.
  11. Follow the instructions in the "Customizing the Configuration File" section.

Installing from Scratch (Unsupported)

Fetch the Necessary Prerequisites:

sudo apt-get update
sudo apt-get install git-core openjdk-7-jdk
wget http://mirrors.ibiblio.org/apache/tomcat/tomcat-5/v5.5.36/bin/apache-tomcat-5.5.36.tar.gz
tar  -zxvf apache-tomcat-5.5.36.tar.gz
wget http://foo.com/yourcerts.tar.gz
tar -zxvf yourcerts.tar.gz
cp yourcerts/* /home/ubuntu/apache-tomcat-5.5.36/webapps/ttt/pubcert

Setup JAVA_HOME and CATALINA_HOME:

export JAVA_HOME=/usr/lib/jvm/java-1.7.0-openjdk-amd64
echo "export JAVA_HOME=$JAVA_HOME" >> ~/.bashrc
export JAVA_OPTS="-Xmx256m -XX:MaxPermSize=256m"
echo "export JAVA_OPTS=\"$JAVA_OPTS\"" >> ~/.bashrc
export CATALINA_HOME=/home/ubuntu/apache-tomcat-5.5.36
echo "export CATALINA_HOME=$CATALINA_HOME" >> ~/.bashrc
source ~/.bashrc

Verify Java 7 is Installed:

java -version

Install Cryptographic Extensions:

You must fetch the "jce_policy-1_4_2.zip" file from Oracle's website. Then you
can follow the instructions below.

unzip jce_policy-1_4_2.zip
sudo cp jce/US_export_policy.jar $JAVA_HOME/jre/lib/security
sudo cp jce/local_policy.jar $JAVA_HOME/jre/lib/security

Follow the Instructions to Customize the Configuration File

Start the Tomcat Server

Note that you will most likely need to adjust the configuration file before completing
the next step.

cd apache-tomcat-5.5.36/bin
sudo ./startup.sh

Installing using the VMWare Image

Steps 1 through 10 are the same as in the "Installing using the VMWare Image:" section above. Once the image is attached to your host name, continue as follows:

  11. export CATALINA_HOME=/usr/share/tomcat
  12. Using a text editor, change the following values in $CATALINA_HOME/external_cache/tk_props.txt.
  13. Follow the instructions in the "Customizing the Configuration File" section.

Save the file.

  1. Restart Tomcat

    sudo /etc/init.d/tomcat restart

The new values are now applied to the server and your system should be configured.

Customizing the Configuration File

Change this setting:

direct.reporting.privKeyPassword:

To:
direct.reporting.privKeyPassword: yourpassword

Change the SMTP settings:

direct.reporting.mail.host: spamav1.nist.gov
direct.reporting.mail.from: direct-testing@hit-testing.nist.gov
direct.reporting.mail.smtp.port: 25
direct.reporting.mail.smtp.auth: 
direct.reporting.mail.smtp.starttls: false 
direct.reporting.mail.smtp.user: direct-testing
direct.reporting.mail.smtp.password: RealPasswordGoesHere
direct.reporting.mail.debug: false

To:

direct.reporting.mail.host: example.com
direct.reporting.mail.from: direct-testing@example.com
direct.reporting.mail.smtp.port: 25
direct.reporting.mail.smtp.auth: 
direct.reporting.mail.smtp.starttls: false 
direct.reporting.mail.smtp.user: direct-testing
direct.reporting.mail.smtp.password: your-smtp-password
direct.reporting.mail.debug: false

Change the following settings:

direct.reporting.directory: /usr/share/tomcat/ttt/webapps/ROOT/direct/
direct.reporting.baseurl: http://hit-testing.nist.gov:9100/direct/

To:

direct.reporting.directory: /usr/share/tomcat/ttt/webapps/ROOT/direct/
direct.reporting.baseurl: http://example.com:8080/direct/

In the following settings, change the host names from hit-testing.nist.gov:

direct.reporting.ccdatype.directTo1: direct-clinical-summary@hit-testing.nist.gov
.
.
direct.reporting.ccdatype.directTo2: direct-ambulatory@hit-testing.nist.gov
.
.
direct.reporting.ccdatype.directTo3: direct-ambulatory@hit-testing.nist.gov
.
.
direct.reporting.ccdatype.directTo4: direct-ambulatory@hit-testing.nist.gov
.
.
direct.reporting.ccdatype.directTo5: direct-inpatient@hit-testing.nist.gov
.
.
direct.reporting.ccdatype.directTo6: direct-inpatient@hit-testing.nist.gov
.
.
direct.reporting.ccdatype.directTo7: direct-inpatient@hit-testing.nist.gov
.
.
direct.reporting.ccdatype.directTo8: direct-vdt-ambulatory@hit-testing.nist.gov
.
.
direct.reporting.ccdatype.directTo9: direct-vdt-inpatient@hit-testing.nist.gov
.
.
direct.reporting.ccdatype.directTo10: ccda@hit-testing.nist.gov
.
.
direct.toolkit.dns.domain: hit-testing.nist.gov
.
.
direct.toolkit.smtp.domain: smtp.hit-testing.nist.gov

To:

direct.reporting.ccdatype.directTo1: direct-clinical-summary@example.com
.
.
direct.reporting.ccdatype.directTo2: direct-ambulatory@example.com
.
.
direct.reporting.ccdatype.directTo3: direct-ambulatory@example.com
.
.
direct.reporting.ccdatype.directTo4: direct-ambulatory@example.com
.
.
direct.reporting.ccdatype.directTo5: direct-inpatient@example.com
.
.
direct.reporting.ccdatype.directTo6: direct-inpatient@example.com
.
.
direct.reporting.ccdatype.directTo7: direct-inpatient@example.com
.
.
direct.reporting.ccdatype.directTo8: direct-vdt-ambulatory@example.com
.
.
direct.reporting.ccdatype.directTo9: direct-vdt-inpatient@example.com
.
.
direct.reporting.ccdatype.directTo10: ccda@example.com
.
.
direct.toolkit.dns.domain: example.com
.
.
direct.toolkit.smtp.domain: example.com

Save the file.

  1. Restart Tomcat

    sudo /etc/init.d/tomcat restart

The new values are now applied to the server and your system should be configured.
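
The edits from this section applied with sed and then checked before the restart, as an added example that is not part of the original page or the TTT project. The helper names `retarget_props` and `audit_props` are hypothetical, the world-readable check is an extra that the page does not ask for, and the domain is assumed to be a plain host name.

```shell
# Added example, not TTT project code; function names are illustrative
# and the sample file in demo() is constructed.
# retarget_props FILE DOMAIN: apply this section's edits, keep FILE.bak.
retarget_props() {
    file=$1; domain=$2
    cp -p "$file" "$file.bak" || return 1
    sed -e "s|^\(direct\.reporting\.mail\.host:\).*|\1 $domain|" \
        -e "s|^\(direct\.toolkit\.smtp\.domain:\).*|\1 $domain|" \
        -e "s|^\(direct\.reporting\.baseurl:\).*|\1 http://$domain:8080/direct/|" \
        -e "s|hit-testing\.nist\.gov|$domain|g" \
        "$file.bak" > "$file"
}

# audit_props FILE: print findings, return non-zero if any remain.
audit_props() {
    file=$1; rc=0
    if grep -q 'nist\.gov' "$file"; then
        grep -n 'nist\.gov' "$file" | sed 's/^/shipped host name at line /'
        rc=1
    fi
    if grep -q '^ *direct\.reporting\.privKeyPassword: *$' "$file"; then
        echo "direct.reporting.privKeyPassword is empty"; rc=1
    fi
    if grep -q 'password: *RealPasswordGoesHere' "$file"; then
        echo "placeholder SMTP password still in place"; rc=1
    fi
    # Extra check, not from the page: the file holds clear-text passwords.
    if [ -n "$(find "$file" -perm -004)" ]; then
        echo "$file is world-readable"; rc=1
    fi
    return $rc
}

# Constructed excerpt of a shipped tk_props.txt, rewritten and audited.
demo() {
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
direct.reporting.privKeyPassword:
direct.reporting.mail.host: spamav1.nist.gov
direct.reporting.mail.smtp.password: RealPasswordGoesHere
direct.reporting.baseurl: http://hit-testing.nist.gov:9100/direct/
EOF
    retarget_props "$f" example.com
    status=0; audit_props "$f" || status=$?
    rm -f "$f" "$f.bak"
    return $status
}
demo || echo "fix the findings above before restarting Tomcat"
```

Against the real file, run `retarget_props "$CATALINA_HOME/external_cache/tk_props.txt" your-domain`, set the two passwords by hand, and restart Tomcat only once `audit_props` returns 0.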
