Go directly to content Go directly to filters Go directly to footer
Logo Customs Administration of the Netherlands - Ministry of Finance, part of the Government of The Netherlands - To the homepage of Dutch Customs National Helpdesk (NHD)

Security changes for the HTG MSA interface - UPDATE

Publication date 13-11-2025, 14:13

Dutch Customs is continuously working on keeping the Trade & Transport Gateway (HTG) secure. This usually happens “behind the scenes”, invisible to HTG users. In the near future, changes will be made to the security of the MSA interface that may have an impact on users. At the time of publication, the following changes are planned.

Disable TLS 1.2, use only TLS 1.3

In 2022, Transport Layer Security (TLS) version 1.3 was activated in addition to version 1.2, which has been in use since the start of HTG. The intention at the time was also to disable the use of version 1.2 in mid-2022. Based on signals from the market, Dutch Customs then decided not to disable TLS 1.2, because several important platforms did not yet support TLS 1.3.

In the meantime, 3.5 years have passed. Securing message traffic is more important than ever. Work is being done on the development of quantum computers. A sufficiently powerful quantum computer will be able to “crack” the current security. Dutch Customs is preparing for this. New, quantum-safe algorithms are needed to avert this threat. These new algorithms will (most likely) no longer be available in TLS 1.2, but only in TLS 1.3.

For this reason, Dutch Customs, in consultation with the other government organizations that use HTG, has decided to disable the use of TLS 1.2 in production on January 12th, 2026. Prior to this, TLS 1.2 will be disabled in the company test environment (BTO, pre-production) on October 1st, 2025. This gives software developers time to determine whether their software can handle TLS 1.3 well.

Of the MSA accounts seen during the sample, 82% already use TLS 1.3 (reference date early March 2025). For these parties, disabling TLS 1.2 will therefore have no effect. The remaining 18% of the declarants must therefore still take action in order to still be able to connect via TLS 1.3 from January 12th 2026.

Advice

The advice to software developers is to exchange test messages regularly, for example monthly, in the BTO/preproduction environment. Any problems in the software due to the adjustment of the set of supported algorithms will then come to light in time.

Category

Share this page