Mesa Testing

Mar 24, 2008 at 3:16 PM
Has anyone successfully completed all the required registry and repository tests with this implementation?

I'm still having trouble with 11909 (Get Related Documents Stored Query) on step uniqueidnorelated -- my registry returned 1 association, but the MESA test tools said that there shouldn't be any.

Thanks,
Darcy
Mar 25, 2008 at 8:54 AM
Darcy,

We were also struggling with the 11909 NIST test, but we left it since this test is defferred for the upcoming Connectathon. We will have to deal with it later on.

Let me ask you a question. Did you manage to complete the rest of the tests? We still have problems with test 12038 and 12086 concerning the TLS certificates. We are also struggling with the certificates in the ATNA tests to log a Certificate Exchange with valid/unregistered/expired certificate.

Regards,

Dirco
Mar 25, 2008 at 11:26 AM
I didn't see that 11909 was actually deferred. I saw your discussion with Bill on the boards though... a deferment would be encouraging :)

12038 wasn't provided in any of the test kits I have seen, but the description for that test was the same as 12029 so I reused that test. Do you know if we are required to do the integrated Source/Repository tests, or is it sufficient to handle all the tests from consumer, source, repository, and registry individually?

I've had no luck with any TLS tests that involve the public registry and repository, although I seem to be able to pass the TLS tests that run against my local registry/repository. Someone with the name of Sachin in the XDS Implementors 07-08 groups says that he got TLS working with a WCF client. I asked him to post his app.config earlier this morning.

Darcy
Mar 25, 2008 at 11:52 AM
Someone was kind enough to send me this (I haven't tested it yet):

Hi Darcy,

This is the config we used to connect to the public registry. You
should change the "contract" attribute and the "clientCertificate"
element to suit your application. Also please note that your hosts
file should resolve hcxw2k1.nist.org not .net.


Regards,
Catalin


<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="RegistryTLS">
<security mode="Transport">
<transport clientCredentialType="Certificate"
proxyCredentialType="None"/>
<message clientCredentialType="None"
establishSecurityContext="false" negotiateServiceCredential="false"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="https://hcxw2k1.nist.org:9443/axis2/services/
xdsregistryb"
binding="wsHttpBinding"
bindingConfiguration="RegistryTLS"
contract="RegistryContract"
behaviorConfiguration="ClientBehavior" />
</client>
<behaviors>
<endpointBehaviors>
<behavior name="ClientBehavior">
<clientCredentials>
<clientCertificate findValue="6758fb..."
storeLocation="LocalMachine" storeName="My"
x509FindType="FindByThumbprint"/>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
</system.serviceModel>
</configuration>


Mar 25, 2008 at 12:19 PM
Test 12038 is actually provided in the latest NIST testkit (6.13), but I know that the user catalinb also asked Bill whether we need to do this test if we already passed 12029. see http://groups.google.com/group/ihe-xds-implementors/browse_thread/thread/5a03828f14debcc2

I've seen your request for this app.config and I've tried it but I still get the same TLS error with the communication to the Public Registry, did this config solve your issue?

Do you have also the ATNA profile to do? Did you manage to succeed in these tests?
Mar 25, 2008 at 1:17 PM
Yes, I'm still having problems connecting with the public registry in test 12086. I'm going to try removing the certificates and converting them with openssl again. Maybe I missed something in that step?

I passed the ATNA tests that show up on the XDS wiki. Were there any atna tests in particular you were wondering about?


dvannorden wrote:
Test 12038 is actually provided in the latest NIST testkit (6.13), but I know that the user catalinb also asked Bill whether we need to do this test if we already passed 12029. see http://groups.google.com/group/ihe-xds-implementors/browse_thread/thread/5a03828f14debcc2

I've seen your request for this app.config and I've tried it but I still get the same TLS error with the communication to the Public Registry, did this config solve your issue?

Do you have also the ATNA profile to do? Did you manage to succeed in these tests?

Mar 25, 2008 at 1:27 PM
I'm sorry, I had to specify the Secure Node profile.
I was wondering how you passed the tests 11141/11142/11143/11180 using this codeplex project. How did you manage to log a Certificate Exchange with unregistered or expired certificate? It's not possible to differentiate any certificate information with this WCF implementation.

Dirco


e9p1 wrote:
Yes, I'm still having problems connecting with the public registry in test 12086. I'm going to try removing the certificates and converting them with openssl again. Maybe I missed something in that step?

I passed the ATNA tests that show up on the XDS wiki. Were there any atna tests in particular you were wondering about?


dvannorden wrote:
Test 12038 is actually provided in the latest NIST testkit (6.13), but I know that the user catalinb also asked Bill whether we need to do this test if we already passed 12029. see http://groups.google.com/group/ihe-xds-implementors/browse_thread/thread/5a03828f14debcc2

I've seen your request for this app.config and I've tried it but I still get the same TLS error with the communication to the Public Registry, did this config solve your issue?

Do you have also the ATNA profile to do? Did you manage to succeed in these tests?


Mar 25, 2008 at 1:43 PM
I only completed the ATNA tests shown on the XDS wiki. A co-worker of mine was responsible for those tests that you mentioned above, he used java keystores for his HL7 and DICOM implementation -- we have not done these with WCF.

Darcy


dvannorden wrote:
I'm sorry, I had to specify the Secure Node profile.
I was wondering how you passed the tests 11141/11142/11143/11180 using this codeplex project. How did you manage to log a Certificate Exchange with unregistered or expired certificate? It's not possible to differentiate any certificate information with this WCF implementation.

Dirco


e9p1 wrote:
Yes, I'm still having problems connecting with the public registry in test 12086. I'm going to try removing the certificates and converting them with openssl again. Maybe I missed something in that step?

I passed the ATNA tests that show up on the XDS wiki. Were there any atna tests in particular you were wondering about?


dvannorden wrote:
Test 12038 is actually provided in the latest NIST testkit (6.13), but I know that the user catalinb also asked Bill whether we need to do this test if we already passed 12029. see http://groups.google.com/group/ihe-xds-implementors/browse_thread/thread/5a03828f14debcc2

I've seen your request for this app.config and I've tried it but I still get the same TLS error with the communication to the Public Registry, did this config solve your issue?

Do you have also the ATNA profile to do? Did you manage to succeed in these tests?