OFX connection certificate troubles
Bram Mertens
mertensb.mazda at gmail.com
Thu Nov 24 15:31:28 EST 2016
Hi,
Not a solution, just an observation:
Based on the results of the Qualys SSL labs test (
https://www.ssllabs.com/ssltest/analyze.html?d=www.efirstbankpfm.com) I
guess that Gnucash may not handle the intermediate certificate correctly.
HTH
Bram
On Wed, Nov 23, 2016 at 9:03 PM Florian Kluibenschädl <fkluiben at gmail.com>
wrote:
> Hi all,
>
>
>
> I am trying to setup an online connection with the “FirstBank of Colorado”
> but as soon as I try to retrieve my bank accounts I run into trouble. I do
> receive the certificate via GnuTSL but it’s status says “Signer not found;
> Certificate is not trusted”
>
>
>
> I can still accept this certificate but then there’s no response from
> https://www.efirstbankpfm.com/ofx/OFXServlet
>
>
>
> Here’s the Log:
>
> 12:25:42 Sending request...
>
> 12:25:42 Using GnuTLS default ciphers.
>
> 12:25:43 TLS: SSL-Ciphers negotiated: TLS1.2:RSA-AES-256-GCM:AEAD
>
> 12:25:43 Signer not found
>
> 12:25:43 Certificate is not trusted
>
> 12:50:34 Waiting for response...
>
> 12:50:34 No message received
>
> 12:50:34 Network error while waiting for response
>
> 12:50:34 Operation finished, you can now close this window.
>
>
>
> Here’s the certificate:
>
>
>
> (do screenshots work in this mailing list?)
>
>
>
> I also tried to set up the bank account manually. If I do that and I try to
> get my balance or transactions, I always get a HTTP 400 (Bad request):
>
>
>
> AqBanking v5.6.10.0stable
>
> Sending jobs to the bank(s)
>
> Locking user ***
>
> Sending request...
>
> Connecting to server...
>
> Resolving hostname "www.efirstbankpfm.com" ...
>
> IP address is "208.89.183.44"
>
> Connecting to "www.efirstbankpfm.com"
>
> Connected to "www.efirstbankpfm.com"
>
> Using GnuTLS default ciphers.
>
> TLS: SSL-Ciphers negotiated: TLS1.2:RSA-AES-256-GCM:AEAD
>
> Signer not found
>
> Certificate is not trusted
>
> Connected.
>
> Sending message...
>
> Message sent.
>
> Waiting for response...
>
> Receiving response...
>
> HTTP-Status: 400 (Bad Request)
>
> Error parsing server response
>
> Unlocking user ***
>
> Postprocessing jobs
>
> Job Get Balance: finished
>
> Resetting provider queues
>
>
>
> Any Ideas where I could go from here? I guess asking the Bank is not very
> helpful?
>
>
>
> Thank you in advance for your help!!!
>
>
>
> Florian
>
> _______________________________________________
> gnucash-user mailing list
> gnucash-user at gnucash.org
> https://lists.gnucash.org/mailman/listinfo/gnucash-user
> -----
> Please remember to CC this list on all your replies.
> You can do this by using Reply-To-List or Reply-All.
More information about the gnucash-user
mailing list