online banking with BB&T
John Ralls
jralls at ceridwen.us
Tue Apr 14 01:05:18 EDT 2015
> On Apr 13, 2015, at 9:22 PM, Chris Hoefler <hoeflerb at gmail.com> wrote:
>
> I agree. Unfortunately, I don't have the option to switch banks at the moment. Is there a way to configure the SSL client that aqbanking uses? I'm not aware of any global configuration for all ssl clients.... For example, when I use openssl s_client, I can handshake just fine. Aqbanking must be specifically rejecting TLS 1.0.
>
> (The cipher is good, btw. It is just the old protocol version that seems problematic.)
Please remember to copy the list on all replies, using "reply all".
I don't know how to specify which libssl aqbanking uses short of compiling the latter with an rpath specifying a particular one.
Debian Wheezy appears to use /etc/ssl/openssl.cfg as the global OpenSSL config file, but I don't find anything about -no_tls_1 in it; in fact I find that only in the man page for s_client. Anyway it appears from a quick look through the sources that AQBanking and its Gwenhyfar backend use libgnutls rather than openssl for the tls implementation, but I don't find the VERS-TLS strings that gnutls uses to set protocol levels in either.
Sorry I can't be more help.
Regards,
John Ralls
More information about the gnucash-user
mailing list