Synura Connect — Native MLLP over TLS Engines

If your integration engine supports outbound MLLP over TLS, it can connect to Synura directly — no additional software needed.

This applies to engines like Rhapsody, Iguana, InterSystems HealthShare, Epic Bridges, Cloverleaf, and any other platform with native TLS socket support.

Configuration

Point your engine’s MLLP over TLS connector at the Synura Connect endpoint:

Setting	Value
Protocol	MLLP over TLS
Host	`{subdomain}.synura.io`
Port	`443`
TLS version	1.2 minimum
Client certificate	Not required (server-side TLS only)
SNI	Must be enabled

Replace {subdomain} with the value assigned to your organisation. This is set when you create an endpoint in the Synura dashboard — for example, if your subdomain is acmelab, your host is acmelab.synura.io.

That’s the entire configuration. No certificates to import, no tunnels to set up.

SNI requirement

Synura uses SNI (Server Name Indication) to route traffic to your tenant. All modern integration engines send SNI by default — you should not need to configure anything.

If your engine has an explicit SNI setting, set it to {subdomain}.synura.io.

Certificate trust

Synura uses a Let’s Encrypt certificate (ISRG Root X1). This root is trusted by default in all current operating systems and Java distributions.

If your engine runs in a restricted environment with a custom trust store, you may need to import the root certificate. See TLS Troubleshooting — Trust Store Issues for instructions.

Verify your connection

Use openssl from the server running your engine to confirm connectivity:

openssl s_client -connect {subdomain}.synura.io:443 -servername {subdomain}.synura.io

A successful test shows a completed TLS handshake with CN=*.synura.io in the certificate chain.

Support

If you need help configuring your specific engine, contact support@synura.io with:

Your subdomain
Engine name and version
Any error messages from the connection attempt