Question: How do I configure fhir-notification Kafka so I don’t have to use a keystore?

The IBM FHIR Server provides an eventing service that notifies about persistence events – CUD (Create-Update-Delete). The notification service can trigger specific actions in a downstream application. You can configure these events to flow to Apache Kafka.

If you want to configure the IBM FHIR Server without a keystore, you can configure SASL_SSL like the below (notice there is no keystore specified).

            "kafka": {
                "enabled": true,
                "topicName": "FHIR_NOTIFICATIONS",
                "connectionProperties": {
                    "bootstrap.servers": ",,,,,",
                    "security.protocol": "SASL_SSL",
                    "sasl.mechanism": "PLAIN",
                    "ssl.protocol": "TLSv1.2",
                    "ssl.enabled.protocols": "TLSv1.2",
                    "ssl.endpoint.identification.algorithm": "HTTPS",
                    "": "SSL",
                    "sasl.jaas.config": " required username=\"token\" password=\"MYPASSWORD\";",
                    "acks": "all",
                    "retries": "60",
                    "": "10000",
                    "": "60000",
                    "": "5",
                    "client.dns.lookup": "use_all_dns_ips"

If you run a workload against IBM FHIR Server, it’ll generate a set of notifications…

  1. Download Kafka from

  2. Create a

cat << EOF >,,,,, required username="token" password="MYPASSWORD";
  1. Unzip the kafka archive

  2. Check the Kafka Console Consumer

bash bin/ --bootstrap-server,,,,, --topic FHIR_NOTIFICATION --max-messages 25 --property print.timestamp=true --consumer.config

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.