Some words ahead
With custo secure it is possible to transfer evaluations from one custo diagnostic server system to another one and to get the data back the same way. A classical example is the practice of a general doctor recording holter ECGs, transferring the data for analysis to a cardiologist and getting back later the processed evaluation with a report.
For the data transfer a double encrypted connection to a "park" service at the German AWS cloud is used, where only one of the encryption "envelopes" gets removed. This service offers a high availability, with no need for inbound data connections at the customer, but without giving AWS the possibility to read the data.
Preparation
Versions
Yes: You may guess it as it has been always this way: The custo diagnostic server version of the evaluation center must be the same or higher than the versions of all its connected sending practices. The same applies to the client side: The custo diagnostic client versions of all reporting clients of the evaluation center must be the same or higher than the sending custo diagnostic clients.
Connection
Both sides - the sending server as well as the receiving server - must have internet access to the AWS service. The following URLs are used:
https://api.secure.customed.de
https://secureproduction.s3.eu-central-1.amazonaws.com
Those URLs are resolved to various changing IPs. The server may either directly fully access those services (for details check at AWS the IP scopes of the S3 service) or the server can use a proxy server having those internet access possibilities.
In case you use a proxy server (only then):
Open the "Configure custo diagnostic server" program and stop the custo diagnostic server service in the "General" tab:
Then go to the "Java" tab:
Enter the following lines:
|
Most important tor custo secure is the definition of the HTTPs proxy. In case the proxy requires user authentication as well you may add as well:
-Dhttp.proxyUser=<user name>
-Dhttp.proxyPassword=<password>
-Dhttps.proxyUser=<user name>
-Dhttps.proxyPassword=<password>
Afterwards go back to the general tab and start the service.
Certificate trust
The custo diagnostic server (sending practice as well as evaluation center) must trust the certificates of the custo secure AWS service. In most cases this will be the case by default. However, in some cases this may not be the case with an error like the one below:
Log on the computer where the custo diagnostic server is installed.
Open the management console "Computer Certificates" and navigate there to the "Trusted Root Certificates" store. Make sure that the certificate "Amazon Root CA 1" is present.
If not you have to download the certificate "Amazon Root CA 1" (File: "AmazonRootCA1.cer", Distinguished Name: "CN=Amazon Root CA 1,O=Amazon,C=US") from here: https://www.amazontrust.com/repository/.
Than you have to import the downloaded certificate to the "Trusted Root Certificates" store. You can right click on the certificate file and select "Import" or import the certificate in the certificate store management tool as well.
Afterwards reboot the operating system of the computer.
Evaluation center setup
Evaluation center account
If you want to set up a new evaluation center:
Log on with your own computer to the custo secure administration service and create an account for the evaluation center:
Save the config file which your browser will create and transfer it to the computer setting up the evaluation center in the custo diagnostic service center.
Initial setup
Open the service center and navigate to administration where you should find the RDT section:
Click on "Einrichten" and select the file you have created at the administration web page.
This should then create a connection between the custo secure service and the evaluation center.
To secure the setup and for better troubleshooting do 2 more steps:
1) Back up the private key of the evaluation center and store it at a save place:
2) Go to the system doctor and fill the comments field there: This will help you with the troubleshooting later, as you can see this information in the custo secure admin service after the next sync:
In the custo secure admin service it should look like this:
Set up of sending practices
Account set up
In the service center of the evaluation center create a doctor for the sending practice with the details:
On top of logical things like name, address and contact data, the field to not take over the doctor's data of the sending practice should be checked: Otherwise, the doctor's info will be overwritten by the sending practice at the first sync.
In case the evaluation center uses tenants select the right tenant where the data of that sending practice should be stored.
Save the configuration with OK, then mark the relevant doctor in the overview and create the set up file:
Save the file and transfer it to the sending practice.
Please note that the setup file containing a user name and password can only be used once. To get again a valid file go back to the relevant doctor in the evaluation center, set the data transfer status to deactivated and create the same way as before a new setup file.
Initial setup
Log on to the service center of the sending practice.
Ensure that the name and address fields and the comments for telemetry field have been filled with useful information (concerning the comments for telemetry field: Same topic has at the evaluation center setup).
Go to the RDT section and its sending practice section, select the evaluation types (projects) which should get transferred and click on "add channel". Specify a useful name to specify the evaluation center for the users - the name will appear at the custo diagnostic client when the users want to send the evaluation. Pick the file you got from the evaluation center.
This should then register the sending practice at the custo secure service and the config should be ready.
Analysis and Logs
In the service centers of the evaluation center as well as in the ones of the sending practices you should see the data transfer status:
Please note that by default the custo diagnostic service contacts the custo secure service only every 10 minutes. For troubleshooting you may go to Tasks - Scheduler in the service center, mark the datatransfer.execute task and click on the start button at the bottom. This will run the task within the next minute.
In the custo secure admin service you can as well see the last server contact point in time of the relevant custo diagnostic server, its version, the comments for telemetry field content and pending files. Check if the status is plausible. Please note that by re-registering the evaluation center or the sending practice custo secure may create a new record - so check twice if you monitor the right record.