Mirth Connect 4.5.2 (NextGen Connect) HL7 and FHIR healthcare integration engine on Ubuntu 24.04 by cloudimg. Web admin and REST API behind nginx TLS, per VM admin rotated on first boot, Derby DB on a data disk. MPL 2.0 licensed.
## Mirth Connect (NextGen Connect) on Ubuntu 24.04 by cloudimg
Mirth Connect, now known as NextGen Connect, is the most widely deployed open source healthcare integration engine. It is an interface engine where you build channels that receive, filter, transform, and route clinical messages between disparate systems. Mirth Connect speaks the languages of healthcare interoperability out of the box, including HL7 v2 and v3, FHIR, X12, DICOM, XML, JSON, and delimited text, and it can move those messages over MLLP, TCP, HTTP, file, database, SFTP, and more.
The cloudimg image installs Mirth Connect 4.5.2 (MPL 2.0) on OpenJDK 17, running as a dedicated service user under systemd. Mirth is HTTPS native and its web admin plus REST API listen on loopback 127.0.0.1 port 8443 only. nginx terminates TLS on port 443 with a per VM self signed certificate and proxies to the loopback listener, so the admin surface is never exposed in the clear. Port 80 serves an unauthenticated health endpoint and redirects everything else to HTTPS. The embedded Derby database, the auto generated keystore, and the configuration map live under /var/lib/mirthconnect on a dedicated Azure data disk that is captured into the image and re provisioned on every customer VM.
The default admin login is rotated to a unique per VM password on every customer VM via the Mirth REST API on first boot, and the default admin login is proven disabled before the image ships. Mirth channels open their own inbound listener ports (for example an HL7 MLLP listener on TCP 6661); those are customer defined per channel, so open only the specific ports your channels use in the Azure network security group, as documented in the guide. This image ships as infrastructure only: you are responsible for all HIPAA and PHI controls, including encryption, access control, network isolation, and audit, and cloudimg does not imply certified compliance. Backed by 24/7 cloudimg support.