System-to-System Developer’s Guide
Revision: 3.1
Date: December 16, 2003

PURPOSE
This document describes the extension of the smbXML (small and medium business eXtensible Markup Language) integration functionality to support the bi-directional exchange of business data between NetSuite products and third-party systems. smbXML was developed to facilitate the exchange of business information between trusted, third-party, XML-enabled business applications and the NetSuite product family.
System-to-System Developer’s Guide v3.0
1 OVERVIEW

1.1 CUSTOMERS AND APPLICATION PROVIDERS
Generally, there are two types of integration partners: customers and application providers. Customers are themselves users of a NetSuite product, and are interested in integrating their NetSuite application data with that of an external, third-party application.
2 IMPLEMENTATION OVERVIEW

2.1 SUPPORTED PLATFORMS AND NETSUITE DEVELOPMENT SUPPORT
While our integration technology to establish System-to-System connectivity is based on standards and can be used from any development platform, NetSuite officially supports the following two development platforms.
• Java platform
• Microsoft .
2.3
2. integration partner opens an HTTPS connection to the NetSuite smbXML server
3. during the SSL handshake
   a. the integration partner verifies NetSuite’s identity by validating the NetSuite server certificate, signed by RSA
   b. the NetSuite server verifies the identity of the integration partner by requesting a client-side certificate, signed by NetSuite
   c.
Following is a detailed list of steps:
1. Create a sample smbXML document.
   o Ensure that it is valid against the current version of the smbXML DTD.
   o Ensure that it can be imported into NetSuite using the smbXML UI Import (Transactions > Other > Import XML Document).
2. Set up certificates for Two-way SSL communications.
   o Note that an integration partner may register more than one certificate with NetSuite in the event that the integration partner is using multiple servers for data exchange with NetSuite, although this is not required.
3. Write and test the necessary code in order to open an SSL connection.
   o Please see Appendix B for code samples.
   o Ensure that the sample smbXML document used above is used for testing.
3 SETUP CLIENT CERTIFICATE
As discussed previously, NetSuite’s Two-Way Secure Socket Layer authentication uses public/private key technology to authenticate clients against NetSuite servers and also to authenticate NetSuite servers to connecting clients. This authentication uses a client-generated key pair, the public key of which is signed by and possessed by NetSuite.
A new public/private key pair is generated in a new keystore. The keystore should be stored in a secure location. In the following example, a 2048-bit RSA private/public key pair with an alias of client and a password of mykeypass is generated and stored in the file client.keystore, which is protected with the password mystorepass.

keytool -genkey -dname "cn=client.
Step 5: Update the keystore with the NetSuite certificate and the signed certificate
NetSuite will e-mail you the signed client certificate as well as NetSuite’s self-signed signing certificate (named NLCACert4Partners.der) that was used to sign your client certificate. You will need to import both of these certificates into your keystore. First import NetSuite’s signing certificate into your keystore as a trusted CA.
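The following is an added example, not part of the NetSuite guide or its tooling: a pre-import check that the e-mailed signed certificate carries the public key from the certificate request you submitted and that it verifies against the e-mailed signing certificate. It assumes the openssl command-line tool is installed and that you kept your certificate request file; the function names and file arguments are hypothetical.

```shell
#!/bin/sh
# Added example: vet an e-mailed signed certificate before importing it.
# File arguments are supplied by the caller; none are NetSuite's own paths.

# Print a certificate as PEM whether the file is DER (such as a .der CA
# file) or already PEM.
to_pem() {
    openssl x509 -inform DER -in "$1" 2>/dev/null ||
        openssl x509 -inform PEM -in "$1" 2>/dev/null
}

# check_signed_cert CSR SIGNED_CERT CA_CERT
# Returns 0 if the certificate holds the public key from our CSR and its
# signature verifies against CA_CERT; 1 on key mismatch; 2 if the
# signature does not verify; 3 if a certificate file cannot be read.
check_signed_cert() {
    csr=$1 cert=$2 ca=$3
    tmp=$(mktemp -d) || return 3
    to_pem "$cert" > "$tmp/cert.pem" && to_pem "$ca" > "$tmp/ca.pem" || {
        rm -rf "$tmp"
        return 3
    }
    rc=0
    # Public key we asked to have signed vs. the one actually certified.
    want=$(openssl req -in "$csr" -noout -pubkey 2>/dev/null) || want=""
    got=$(openssl x509 -in "$tmp/cert.pem" -noout -pubkey 2>/dev/null) || got=""
    [ -n "$want" ] && [ "$want" = "$got" ] || rc=1
    if [ "$rc" -eq 0 ]; then
        openssl verify -CAfile "$tmp/ca.pem" "$tmp/cert.pem" >/dev/null 2>&1 || rc=2
    fi
    rm -rf "$tmp"
    return "$rc"
}

# SHA-256 fingerprint of the signing certificate, to compare with a value
# obtained over a channel other than the e-mail that delivered the file.
ca_fingerprint() {
    to_pem "$1" | openssl x509 -noout -fingerprint -sha256
}
```

Run check_signed_cert with your request file, the signed certificate and the signing certificate, and import only when it returns 0. Because the signing certificate is self-signed and becomes a trusted CA in the keystore, the chain check alone does not establish where that file came from, which is what the fingerprint comparison is for.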
• Install a pre-compiled version of OpenSSL in executable format for Windows. Note that the official site http://www.openssl.org has only the source and does not contain a pre-compiled version for Windows. Find a mirror site such as http://hunter.campbus.com/ to download the zip file that contains openssl.exe and a couple of related DLLs. This requires setting up an OpenSSL configuration file that you need to find elsewhere on the Internet.
o NetSuite Account Number(s): The accounts that require System-to-System access. May include a production account and a test account. You can obtain your NetSuite account number as follows: NetSuite Home > Set Up Synchronization (Under Settings Portlet) > Account number is displayed in text box.
o Partner Account Name: Provide a logical name that you would like your NetSuite account provided above to be referred by (customers only).
4 IMPLEMENTATION DETAILS

4.1 SMBXML

4.1.1 RELATED DOCUMENTATION
smbXML is used for all communications between the integration partner and NetSuite. The following smbXML-related documentation may be found with the NetSuite Developer Program Technical Documentation on the NetSuite website (http://www.netsuite.com > Partners > Developer Program).
• DTD
• release notes
• smbXML Developer’s Guide
• example import files
• customer v.
4.1.3 MANY TO ONE
NetSuite accepts smbXML data from multiple integrated partner accounts into a single NetSuite account. This supports activities such as a NetSuite customer aggregating cash sales from multiple external Webstores into a single NetSuite account, or aggregating smbXML purchase orders and bills from multiple exchanges, such as the Oracle exchange.
5 SINGLE SIGNON ACCOUNT MAPPING

5.1 DO I NEED SINGLE SIGNON?
If you are an application provider, yes. For an application provider, SSO is an essential part of System-to-System integration. If you are a customer, no. For a customer, SSO has nothing to do with System-to-System integration.
6 USER INTERFACE OPTIONS
Customers that wish to enable only smbXML data exchange may turn off Single Signon from the Setup tab > Accounting sub-section > Set Up Accounting link > Web sub-tab, by clearing the Allow Sign On From Partners checkbox.
APPENDIX B – JAVA CODE SAMPLE
Following is a Java code sample taken from the NetSuite smbXMLPost tool that illustrates how a two-way SSL connection is established using a keystore.

import javax.net.ssl.*;
import java.net.*;
import java.security.*;
import java.security.cert.*;

// Private key password
String keyPassword = "mykeypass";
// Keystore password
String storePassword = "mystorepass";
// Fully qualified path to keystore file
String keystoreName = "my.
APPENDIX C – MICROSOFT .NET C# CODE SAMPLE
Following is a Microsoft .NET C# code sample taken from the NetSuite smbXMLPost tool that illustrates how a two-way SSL connection is established in the .NET platform.

// NetSuite URL to post to
string url = "https://partners.netsuite.com/s/SmbXml?pid=22999&pacct=ShutterFly";
HttpWebRequest req;
HttpWebResponse res;
// Create request object that connects to NetSuite
req = (HttpWebRequest) WebRequest.Create( url );
req.