Process

Set the correct registry file, insert the smartcard in the card reader and select the role ‘endpoint administrator’ from the role selection list. Note: if more than one manufacturer code is available on the smartcard, select the one corresponding to the manufacturer of the product being deployed. 

From the Spine Portal menu, press ‘Launch endpoint registration service’, or navigate to: https://wfe.<env>.iam.spine2.ncrs.nhs.uk/eprwebapp, where <env> is int, dep or dev.

For the training environment, the URL should be: https://cis.tsp.national.ncrs.nhs.uk/eprwebapp.

How to create a CMA, MHS or AS endpoint request. 

From the Endpoint Registration Service (EPR) home page, select the 'Create Endpoint' menu and then press 'CMA Endpoint'.

For recipient organisation press 'Select'.

In the 'Search Organisation' field enter the required ODS code and press the search button. This should be the organisation that will be using the product. 

Select the correct organisation from the list and press the 'Confirm' button.

In the 'Select manufacturer' drop down list, select the relevant manufacturer. This will be the name of the company which produces the local software (product) that is being used.

Click the ‘Select’ link to the right of the ‘product name’ field. 

Select the relevant product version from the list, the associated message sets will be displayed in the right hand column, review the list and if correct, press the 'Confirm' button. This list will only display the products registered by the selected manufacturer as ‘CMA’ products. 

Enter the IP address into the 'Source IP' field - this should be the IP address which is registered on N3 and is registered against the FQDN on the N3 Domain Name Server (DNS).

Select the ‘No’ radio button for 'Update DNS'. At present, DNS registrations are still being completed by emailing the request form to the DNS team. See the troubleshooting and FAQs section for more details.

Enter the MHS name into the ‘Description’ field, this can be a local reference or name. Most suppliers use the FQDN here.

In the ‘message set details’ section, this is where the URL bindings are set. Enter the FQDN in the relevant field. This will be the FQDN that the messages are routed to.

Press the 'Apply to all' button; this will update all of the URL bindings with this FQDN.

The next step will depend upon whether the requestor would like a single binding URL for all interactions or whether a variety of different URLs are required.

• For a single Binding URL – Enter the filepath in the ‘URL’ field and click the ‘Apply to all’ button. The system will add the first ‘/’ automatically, so there is no need to include this. 
• For example, if ‘https://test1.x26.hscic.nhs.uk/mhs/mhs’ is required as the binding URL enter ‘test1.x26.hscic.nhs.uk’ in the FQDN field and ‘mhs/mhs’ in the URL field

• If a variety of different message bindings are required. For example if different messaging interactions are routed to different areas by the MHS, the individual paths will need to be entered manually for each interaction.

Paste the contents of the Certificate Signing Request (CSR) file into the CSR field. This should have a key length of 2048 and have the common name (cn) set to the FQDN.

Minimise the ‘Category Bag Details’ section by clicking on the minimise icon.

Any relevant notes should be entered in the notes section, in addition to the organisation, name and contact details of the person submitting the request. This is especially important when using a shared smartcard. This allows the Environments Management Team (EMT) to contact the requestor about their submission, should clarification or further information be required.

Press the 'Submit request' button

Make a note of the 'CMA party key and ASID' and request values and press the close button. Please note: these values will not be uploaded to SDS until the request has been approved by EMT.

The request has now been submitted for approval. Once approved, the request will move into the ‘Registered’ queue. The requestor should log in periodically to check their ‘Awaiting Action’, ‘Submitted Requests’ and ‘Registered’ lists.

From the Endpoint Registration Service (EPR) home page, select the 'Create Endpoint' menu and then press 'MHS Endpoint'.

For 'Recipient organisation' press Select

In the 'Search Organisation' field enter the required ODS code and press the search button. This should match the organisation that has the Endpoint Administrator role.

Select the correct organisation from the list and press the 'Confirm' button.

In the 'Select manufacturer' drop down list, select the relevant manufacturer. This will be the name of the company which produces the local software (product) that is being used.

Click the ‘Select’ link to the right of the ‘product name’ field.

Select the relevant product version from the list, the associated message sets will be displayed in the right hand column, review the list and if correct, press the Confirm button. This list will only display the products registered by the selected manufacturer as ‘MHS’ products.

Enter the IP address into the 'Source IP' field, this should be the IP address which is registered on N3 and is registered against the FQDN on the N3 Domain Name Server (DNS).

Select the No radio button for 'Update DNS'. At present, DNS registrations are still being completed by emailing the request form to the DNS team.

Enter the MHS name into the ‘Description’ field, this can be a local reference or name. Most suppliers use the FQDN here.

In the ‘message set details’ section, this is where the URL bindings are set. Enter the FQDN in the relevant field. This will be the FQDN that the messages are routed to.

Press the 'Apply to all' button; this will update all of the URL bindings with this FQDN.

The next step will depend upon whether the requestor would like a single binding URL for all interactions or whether a variety of different URLs are required. 

• For a single Binding URL – Enter the file path in the ‘URL’ field and click the ‘Apply to all’ button. The system will add the first ‘/’ automatically, so there is no need to include this. 
• For example, if ‘https://test1.x26.hscic.nhs.uk/mhs/mhs’ is required as the binding URL enter ‘test1.x26.hscic.nhs.uk’ in the FQDN field and ‘mhs/mhs’ in the URL field

• If a variety of different message bindings are required. For example if different messaging interactions are routed to different areas by the MHS, the individual paths will need to be entered manually for each interaction.

Paste the contents of the Certificate Signing Request (CSR) file into the CSR field. This should have a key length of 2048 and have the common name (cn) set to the FQDN.

Minimise the ‘Category Bag Details’ section by clicking on the minimise icon.

Any relevant notes should be entered in the notes section, in addition to the organisation, name and contact details of the person submitting the request. This is especially important when using a shared smartcard. This allows EMT to contact the requestor about their submission, should clarification or further information be required.

Press the 'Submit request' button

Make a note of the 'MHS party key' and request values and press the close button. Please note: these values will not be recognised by Spine until the request has been approved by EMT.

The request has now been submitted for approval. Once approved, the request will move into the ‘Registered’ queue. The requestor should log in periodically to check their ‘Awaiting Action’, ‘Submitted Requests’ and ‘Registered’ lists.

If an MHS endpoint is created, at least one ASID (AS) must be created and associated with the new party key. This process can be repeated for each additional ASID but can only be completed after the MHS Party Key request has been approved by EMT.

From the Endpoint Registration Service (EPR) home page, select the 'Create Endpoint' menu and then press 'AS Endpoint'.

For 'Recipient organisation' press Select

In the 'Search Organisation' field enter the required ODS code and press the search button. This should be the organisation which will be using the product.

Select the correct organisation  from the list and press the 'Confirm' button.

To associate the required party key, click the ‘select’ link to the right of the ‘MHS Party Key ID’ field.

In the ‘Search Organisation’ field, enter the name or ODS code of the required party key and select the correct organisation from the list before clicking ‘Continue’. 

A list of MHS Party Keys will be listed (CMA Party Keys cannot be selected and are not displayed), select the required party key and then click confirm. Only Party Keys which have been approved by EMT will be displayed in this list.

In the 'Select manufacturer' drop down list, select the relevant manufacturer. This will be the name of the company which produces the local software (product) that is being used.

Click the ‘Select’ link to the right of the ‘product name’ field.

Select the relevant product version from the list, the associated message sets will be displayed in the right hand column, review the list and if correct, press the 'Confirm' button. This list will only display the products registered by the selected manufacturer as ‘AS’ products.

Enter the MHS name into the ‘Description’ field, this can be a local reference or name. Most suppliers use the FQDN here.

The message set details will be displayed when the product is selected, review the list and either scroll down or minimise the ‘message set details’ section by clicking on the minimise icon.

Minimise the ‘Category Bag Details’ section by clicking on the minimise icon.

Any relevant notes should be entered in the notes section, in addition to the organisation, name and contact details of the person submitting the request. This is especially important when using a shared smartcard. This allows EMT to contact the requestor about their submission, should clarification or further information be required.

Press the 'Submit request' button

Make a note of the 'ASID' and request values and press the close button. Please note: these values will not be recognised by Spine until the request has been approved by EMT.

The request has now been submitted for approval. Once approved, the request will move into the ‘Registered’ queue.  The requestor should log in periodically to check their ‘Awaiting Action’, ‘Submitted Requests’ and ‘Registered’ lists.

This section covers retrieving an Endpoint Certificate generated as part of a new request. To generate a new End Point Certificate for an existing connection, please see troubleshooting and FAQs for more details.

Log into the Endpoint Registration Service as 'Endpoint Administrator' and click on ‘Manage Endpoint’.

Click on the ‘select’ link.

In the 'Search Organisation' field enter the ODS code and press the Search button. A list of matching organisations and ODS codes will be displayed. Scroll through the list, select the organisation and press the 'Confirm' button.

A list of party keys associated with the selected organisation will be displayed. This list will contain both CMA and MHS party keys. Locate the required party key, using the filter field if required.

Select the required party key using the radio button and then click the ‘retrieve certificate’ button.

A list of available certificates will be displayed, showing the issue and expiry dates. Select the required certificate and then click ‘Retrieve Certificate’. If you get an error stating that no certificates are available, or you are looking to renew a certificate for an existing endpoint, please see the FAQ section.

A confirmation message will be displayed, confirming that the download has begun. Click the ‘close’ button.

A pop up message, banner or footer will be displayed by the internet browser to offer the option to ‘Open’, ‘Save’ or ‘Cancel’ the download. Select ‘Save’.

Retrieve the saved zip file from the web browser download folder (this location varies depending on the browser used).

The certificate is saved as a .crt file within the zip file.

Log into the Endpoint Registration Service as 'Endpoint Administrator' and click on ‘Manage Endpoint’.

Click on the ‘select’ link.

In the ‘Search Organisation’ field enter the ODS code and press the search button, A list of matching organisation and ODS codes will be displayed. Scroll through the list, select the organisation and press the confirm button.

A list of party keys associated with the selected organisation will be displayed. This list will contain both CMA and MHS party keys. Locate the required party key, using the filter if required.

Click on the party key itself (not the radio button) to review details of the connection. Scroll to the bottom of the page and click ‘Modify Endpoint'.

Follow the 'Create an End Point request' instructions to create the request, substituting ‘select’ for ‘change’.