Orthanc Peer Using HTTPS Encryption

TM_Co · July 5, 2021, 4:53pm

Hi everyone, I’ve been trying to connect two Orthanc instances together as peers using HTTPS encryption, but one of the instances says " “libCURL error: SSL peer certificate or SSH remote key was not OK” while the other is unable to connect to the first instance. What are the required ports for Orthanc to connect as peers? Also I generated self-signed SSL certificates for each of the Orthanc instances using OpenSSL. Is it possible that there’s an issue with that? Thank you

James_Manners · July 5, 2021, 9:21pm

Hi,

If you are using a self signed certificate with an Orthanc peer, you will need to set the HttpsCACertificates config variable to point to your peer’s public certificate. See https://book.orthanc-server.com/faq/https.html#id7

In terms of ports, Orthanc uses the same port regardless if you are using http or https.

Hope that helps.

James

TM_Co · July 5, 2021, 11:59pm

I have already set the HttpsCACertificates config variable, but it made no difference with it set.

jodogne · July 6, 2021, 5:19am

Hello,

The Orthanc Book contains a full section about configuring HTTPS between peers:
https://book.orthanc-server.com/faq/https.html#configuring-orthanc-peers

A common error is no setting the “Common Name (e.g. server FQDN or YOUR name)” to a valid value (e.g. “localhost” for testing) during the generation of the self-signed certificate:

https://book.orthanc-server.com/faq/https.html#securing-orthanc-using-self-signed-certificate

Sébastien-

TM_Co · July 6, 2021, 11:29pm

The 2 Orthanc servers I have are on 2 different machines, so what would I use for the common name in that case?

jodogne · July 7, 2021, 4:46am

The 2 Orthanc servers should have 2 different FQDN. The FQDN of one server must correspond to its hostname.