Office Ally Eligibility Issue

Mark_Sarnov · September 8, 2022, 8:07pm

Hi all.
For some reason, in the last week, Office Ally eligibility has stopped working. I am getting the following error when trying to run eligibility:

Error:Receiver
Could not establish secure channel for SSL/TLS with authority ‘wsd.officeally.com’.

as noted in the attached image.

I have not changed anything in Openemr and I am on version 6.1.0.
I have updated my server with the most recent patches (Ubuntu 22.04) which likely updated PHP, etc.

Anyone know where I should look next?
I have contacted Office Ally, but they have not been able to help.

Thank you in advance!

juggernautsei · October 16, 2022, 3:36am

Hi @Mark_Sarnov, I tested the officeally connection and this is what I received.

	ubuntu@ip-172-31-32-112:~$ curl https://wsd.officeally.com/TransactionSite/rtx.aspx --verbose
	* Trying 74.63.185.194:443…
	* Connected to wsd.officeally.com (74.63.185.194) port 443 (#0)
	* ALPN, offering h2
	* ALPN, offering http/1.1
	* CAfile: /etc/ssl/certs/ca-certificates.crt
	* CApath: /etc/ssl/certs
	* TLSv1.0 (OUT), TLS header, Certificate Status (22):
	* TLSv1.3 (OUT), TLS handshake, Client hello (1):
	* TLSv1.2 (IN), TLS header, Certificate Status (22):
	* TLSv1.3 (IN), TLS handshake, Server hello (2):
	* TLSv1.2 (IN), TLS header, Finished (20):
	* TLSv1.2 (IN), TLS header, Supplemental data (23):
	* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
	* TLSv1.2 (IN), TLS header, Supplemental data (23):
	* TLSv1.3 (IN), TLS handshake, Certificate (11):
	* TLSv1.2 (IN), TLS header, Supplemental data (23):
	* TLSv1.3 (IN), TLS handshake, CERT verify (15):
	* TLSv1.2 (IN), TLS header, Supplemental data (23):
	* TLSv1.3 (IN), TLS handshake, Finished (20):
	* TLSv1.2 (OUT), TLS header, Finished (20):
	* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
	* TLSv1.2 (OUT), TLS header, Supplemental data (23):
	* TLSv1.3 (OUT), TLS handshake, Finished (20):
	* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
	* ALPN, server did not agree to a protocol
	* Server certificate:
	* subject: C=US; ST=Washington; L=Vancouver; O=Office Ally, Inc.; CN=*.officeally.com
	* start date: Jul 14 00:00:00 2022 GMT
	* expire date: Aug 14 23:59:59 2023 GMT
	* subjectAltName: host wsd.officeally.com matched cert’s *.officeally.com
	* issuer: C=US; O=DigiCert Inc; CN=DigiCert TLS RSA SHA256 2020 CA1
	* SSL certificate verify ok.
	* TLSv1.2 (OUT), TLS header, Supplemental data (23):
	> GET /TransactionSite/rtx.aspx HTTP/1.1
	> Host: wsd.officeally.com
	> User-Agent: curl/7.81.0
	> Accept: /
	>
	* TLSv1.2 (IN), TLS header, Supplemental data (23):
	* Mark bundle as not supporting multiuse
	< HTTP/1.1 405 Method Not Allowed
	< Date: Sun, 16 Oct 2022 03:33:18 GMT
	< Content-Length: 0
	< Connection: keep-alive
	< Allow: POST
	< Strict-Transport-Security: max-age=16070400; includeSubDomains
	<
	* Connection #0 to host wsd.officeally.com left intact