[GNC] Using Quicken direct connect with USAA

Jon Schewe jpschewe at mtu.net
Mon May 25 22:56:54 EDT 2020


Not only does the first account download not take, no account download
takes until I have created a dummy account. It's as if creating the
dummy account is creating some container, perhaps the directory, to
store the downloaded account information. However the download doesn't
create that container.

On Mon, 2020-05-25 at 19:46 -0700, John Ralls wrote:
> Ah, that would explain why the Next button was disabled: You had no
> accounts to assign.
> 
> So the issue would seem to be that the first account download didn't
> take, though the
> AQBanking dialog box indicated that it should have.
> 
> Regards,
> John Ralls
> 
> 
> 
> On May 25, 2020, at 4:41 PM, Jon Schewe <jpschewe at mtu.net> wrote:
> 
> Yes, I checked the Accounts tab after downloading the accounts the
> first time and the tab was empty. I even tried backing all the way
> out
> of the wizard and restarting GnuCash and the tab was still empty.
> 
> On Mon, 2020-05-25 at 16:33 -0700, John Ralls wrote:
> 
> When you first set up the User in the AQBanking Wizard did you check
> the Accounts tab after downloading the accounts the first time?
> 
> Regards,
> John Ralls
> 
> 
> 
> On May 25, 2020, at 11:47 AM, Jon Schewe <jpschewe at mtu.net> wrote:
> 
> It just started working "magically". I tried manually creating an
> account and associating it with a GnuCash account. Then tried getting
> the balance and got an error that I had the account number wrong. So
> I
> went back into the AQBanking Wizard and executed Retrieve Account
> List
> to get the full account number. Now when I went over to the accounts
> tab my accounts are there! I was able to associate them with the
> right
> GnuCash accounts and it seems to be working. 
> 
> I went back through my setup and deleted my aqbanking user and wrote
> up
> the steps that worked. It seems there is something about needing a
> dummy account created, otherwise aqbanking won't save the account
> information that it retrieved.
> 
> Here are the steps, note the bit about a dummy account.
> 
> * Tools -> Online Banking Setup...
> * Create User
> * Next
> * OFX-DirectConnect backend
> * Run
> * Next
> * Select
> * USAA
> * Select bank and click OK
> * Next
> * Enter USAA number with zeros on the left to make the number 9
> digits for the User Name and the User Id
> * Next
> * Next
> * Next
> * Retrieve Account List
> * Enter PIN
> * Finish
> * Click on the Accounts tab
> * If it's empty, create a dummy account using the aqofxconnect
> backend
>   * OK
>   * Leave everything blank
>   * OK
>   * Dismiss message about unable to update
>   * Users
>   * Edit User
>   * Bank Settings
>   * Retrieve Account List
>   * Close
> * Click on Accounts tab and see the new accounts, delete the dummy
> account
> * Close
> * Next
> * Associate to GnuCash accounts, looking at the account number works
> well
> * Next
> * Apply
> * Test by opening a GnuCash account that was associated with USAA
>   * Actions -> Online Actions -> Get Balance
>   * See the balance show up in a dialog
> 
> On Mon, 2020-05-25 at 13:21 -0500, Jon Schewe wrote:
> 
> Thank you for your help thus far.
> 
> I noticed that I had AQBanking and GnuCash installed both inside and
> outside flatpak. I've removed the version outside flatpak, but that
> didn't help.
> 
> If there are some additional debugging steps that are suggested for
> checking aqbanking, let me know and I can see where the integration
> with GnuCash is breaking.
> 
> On Mon, 2020-05-25 at 09:47 -0700, John Ralls wrote:
> 
> Well, that's progress. The communication with USAA is clearly
> working.
> 
> Maybe the flatpak sandbox isn't letting GnuCash see the results from
> AQBanking. Unfortunately I don't have time to investigate this
> further today.
> 
> Regards,
> John Ralls
> 
> 
> 
> On May 25, 2020, at 9:29 AM, Jon Schewe <jpschewe at mtu.net> wrote:
> 
> John,
> 
> Using those settings got me different information in the dialog.
> However I still don't have an option to associate the accounts. When
> I close the dialogs I'm back to "Start Online Banking Wizard" and the
> match step is still grey.
> 
> 11:24:16 Saving communication log to 1
> 11:24:16 Sending request...
> 11:24:16 Using GnuTLS default ciphers.
> 11:24:16 TLS: SSL-Ciphers negotiated: TLS1.3:ECDHE-RSA-AES-256-
> GCM:AEAD
> 11:24:16 Waiting for response...
> 11:24:17 Saving communication log to 1
> 11:24:17 Parsing response...
> 11:24:17 Status for signon request: Success (Code 0, severity "INFO")
> The server successfully processed the request.
> 11:24:17 Status for account info request: Success (Code 0, severity
> "INFO")
> The server successfully processed the request.
> 11:24:17 Received account XXXXXXXXX/XXXXXXXXXX ((no bank
> name)/ACCOUNT)
> 11:24:17 Received account XXXXXXXXX/XXXXXXXXXX ((no bank
> name)/ACCOUNT)
> 11:24:17 Received account (no bank code)/XXXXXXXXXXXXXXXX ((no bank
> name)/ACCOUNT)
> 11:24:17 Operation finished, you can now close this window.
> 
> Jon
> 
> On Mon, 2020-05-25 at 09:09 -0700, John Ralls wrote:
> 
> Jon,
> 
> The Application Settings I use for USAA are
> Application ID: QWIN
> Application Version: 2200
> Header Version: 102
> 
> In Special Settings:
> HTTP Version, Client UID, and Security Type are blank, Force SSLv3
> and Send Short Date are checked, and Send Empty Bank ID and Send
> Empty FID are unchecked.
> 
> Another user had trouble with USAA because he had entered a Client
> UID on the User Settings page, so make sure that's blank too.
> 
> Yes, SSL v3 is less secure than TLS, but it's better than sending the
> data in the clear, and yes, the authentication that USAA uses on OFX
> DirectConnect is less than ideal.
> 
> Regards,
> John Ralls
> 
> 
> On May 25, 2020, at 8:59 AM, Jon Schewe <jpschewe at mtu.net> wrote:
> 
> Alan,
> 
> Thanks for the suggestion. I tried not setting any special settings
> and
> make sure the SSL v3 is unchecked. Still no change.
> 
> As far as security goes, this method for getting my transactions
> appears less secure than using Web Connect. When I login to get to
> the
> Web Connect download I need to enter a one time password from my
> phone,
> but for Direct Connect I only need my PIN.
> 
> Jon
> 
> On Mon, 2020-05-25 at 11:48 -0400, Alan wrote:
> Jon,
> 
> Disable SSL v3. Info at wiki.gnucash.org is wrong. It's not secure,
> and no
> reputable financial institution should be supporting it for financial
> transactions.
> 
> As of this moment, USAA is only supporting TLS 1.2 and 1.3, which are
> secure.
> Suggest not setting any of the "special settings" options, and never
> enable SSL
> v2 or v3 for any program, except for testing with non-sensitive data.
> 
> -----Original Message-----
> From: gnucash-user
> [mailto:gnucash-user-bounces+alangnuc=bigtowers.net at gnucash.org] On
> Behalf Of
> Jon Schewe
> Sent: Monday, May 25, 2020 10:36 AM
> To: gnucash-user <gnucash-user at gnucash.org>
> Subject: [GNC] Using Quicken direct connect with USAA
> 
> I have been using the Web Connect with USAA for years and that's
> worked great.
> However now I see that they are discontinuing support for this
> feature. So I'm
> trying to setup Direct Connect. I found the instructions for setting
> up USAA at
> https://wiki.gnucash.org/wiki/OFX_Direct_Connect_Bank_Settings#USAA,
> however I'm not seeing the "Server Capabilities" tab to select the
> account list
> download options.
> 
> I'm using GnuCash 3.10 from flatpak.
> I'm on Linux.
> 
> I have the following Settings:
> "User Settings"
> User Name, User id and Client UID all set to my USAA number. I have
> tried both
> with the 00 prefix and without.
> 
> "Bank Settings"
> Broker ID: 5874
> FID: 24591
> ORG: USAA
> Server URL: https://service2.usaa.com/ofx/OFXServlet
> 
> "Application Settings"
> I've tried the default application settings and the settings that
> should be for
> Quicken 2017:
> Application ID: QWIN
> Application Version: 2600
> Header Version: 102
> 
> Under "Special Settings" I've tried HTTP Version blank, 1.0 and 1.1.
> I've checked "Force SSLv3".
> 
> When I go back to the "Bank Settings" tab I see the following after
> clicking on
> "Retrieve Account List".
> 
> 09:26:37 Sending request...
> 09:26:37 Using GnuTLS default ciphers.
> 09:26:37 TLS: SSL-Ciphers negotiated: TLS1.3:ECDHE-RSA-AES-256-
> GCM:AEAD
> 09:26:37 Waiting for response...
> 09:26:37 Operation finished, you can now close this window.
> 
> The AqBanking Setup never lets me get to the point of associating
> USAA accounts
> with GnuCash accounts. Can someone give me some pointers on what is
> wrong here?
> 
> Thank you,
> Jon
> 
> 
> 
> _______________________________________________
> gnucash-user mailing list
> gnucash-user at gnucash.org
> To update your subscription preferences or to unsubscribe:
> https://lists.gnucash.org/mailman/listinfo/gnucash-user
> If you are using Nabble or Gmane, please see 
> https://wiki.gnucash.org/wiki/Mailing_Lists for more information.
> -----
> Please remember to CC this list on all your replies.
> You can do this by using Reply-To-List or Reply-All.
> 
> 
> 
> 
> 
> 
> _______________________________________________
> gnucash-user mailing list
> gnucash-user at gnucash.org
> To update your subscription preferences or to unsubscribe:
> https://lists.gnucash.org/mailman/listinfo/gnucash-user
> If you are using Nabble or Gmane, please see 
> https://wiki.gnucash.org/wiki/Mailing_Lists for more information.
> -----
> Please remember to CC this list on all your replies.
> You can do this by using Reply-To-List or Reply-All.
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 



More information about the gnucash-user mailing list