SyncApps is now fully supported by NetSuite's implementation of TLS 1.2 as per their documentation with the cipher AES CBC (such as TLS1-DHE-RSA-AES-256-CBC-SHA) which means Java 7 is able to connect to it.
https://netsuite.custhelp.com/app/answers/detail/a_id/49076
Backgrounder:
SyncApps Premier Support actively worked with NetSuite to resolve an issue to include rolling back to the most stable version of NetSuite which supports Java 7 for the SyncApps platform already running on TLS 1.2 and cipher AES CBC since last October 2017.
Incident Details:
March 16th, 2018 there was an ongoing issue with the SSL connection to NetSuite web services that causes all NetSuite integrations running on the Java 7 platform to experience a handshake failure.
Received Error from NetSuite API. Received fatal alert: handshake_failure
The same issue occurred on March 4th, 2018. NetSuite fixed the problem since this last occurrence yet it has reoccurred again today.
The root cause of the problem is that NetSuite did some changes to their server SSL configuration so all integrations to the NetSuite API which uses Java 7 (like SyncApps) cannot connect to their servers. It violated their own FAQs which clearly state that TLS AES CBC crypto will still be supported.
SSL Report From SSLLabs
The SSLLabs report (Fri, 16 Mar 2018 05:11:19 UTC), shows that only AES GCM cryptos are enabled so all Java 7 integrations will not be able to connect to it.
https://www.ssllabs.com/ssltest/analyze.html?d=rest.netsuite.com
NetSuite TLS 1.0 and 1.1 Deprecation FAQ
It mentions that AES CBC (such as TLS1-DHE-RSA-AES-256-CBC-SHA) will still be supported which means Java 7 should still be able to connect to it.
https://system.netsuite.com/app/help/helpcenter.nl?fid=chapter_4520952169.html
Additionally, the deprecation timing seems to be incorrect as the FAQ states that the deprecation is scheduled to be done on April 21st, 2018 and it is already being applied today.
https://netsuite.custhelp.com/app/answers/detail/a_id/49076
NetSuite will now keep supporting the following ciphers like AES CBC (such as TLS1-DHE-RSA-AES-256-CBC-SHA) which means Java 7 will still be able to connect to it as in the SyncApps use case.
Important:
The target date for deprecation of TLS 1.0 and TLS 1.1 for connection to all NetSuite accounts is April 21, 2018.
What cipher suites are recommended for accessing NetSuite?
The following cipher suites are recommended:
- ECDHE-RSA-AES128-GCM-SHA256
- ECDHE-RSA-AES256-GCM-SHA384
- AES128-GCM-SHA256
- AES256-GCM-SHA384
The following cipher suites are maintained for reasons of interoperability:
- ECDHE-RSA-AES128-SHA
- ECDHE-RSA-AES256-SHA
- DHE-RSA-AES-128-CBC-SHA
- DHE-RSA-AES-256-CBC-SHA
- AES-128-CBC-SHA
- AES-256-CBC-SHA
Need some help?
Check out the options below on how you can contact our support team and find the answers you need to help you with your SyncApps integrations.
Help Center & Email is 24/7 to support@cazoomi.com | Live Chat & Phone is scheduled
FAQs
Check out these Help Desk articles for answers to frequently asked questions.
Get Started | Login Issues | Pricing
Be sure to see one customer's story on how SyncApps helped them save 13 days per year of manually importing/exporting data!
Does SyncApps support TLS 1.2?
Thanks, Dan and yes, SyncApps supports TLS 1.2 since last 2017 when it was announced to be the standard for NetSuite integrations.