Re: [GNC] AqBanking help for Citi CC

[Jim Maki via gnucash-user]

Three areas of comment to some potential problem areas ...


===========> Windows certificate bundle is OK

To verify the Windows certificate file is not an issue I copied the the 
following certificate bundle from Windows to Ubuntu:
    C:\Program Files (x86)\gnucash\share\gwenhywfar\ca-bundle.crt

On Ubuntu, Citi's cert was validated using the Windows cert bundle via 
the following command:
    curl ... \
        --cacert ca-bundle.crt --capath . \
        https://www.accountonline.com/cards/svc/CitiOfxManager.do

So the Windows GnuCash certificate bundle is not the issue.


===========> Error on gnutls_bye: -24 might be some password issue

Looking at:

    http://mcs.une.edu.au/doc/manual/gnutls.html

the theme for error code -24 (GNUTLS_E_DECRYPTION_FAILED) was about 
passwords, either no password, password not in ASCII, wrong, ... . This 
is a certificate password vs your password which is passed in the OFX 
XML and not used in the connection setup.



===========> Comparing your vs my system output - where does it differ?


Can you compare your system with the following from my Windows 10?

On a powershell terminal session see what's the default text encoding 
via "[System.Text.Encoding]::Default":

  PS===> [System.Text.Encoding]::Default

  IsSingleByte      : True
  BodyName          : iso-8859-1
  EncodingName      : Western European (Windows)
  HeaderName        : Windows-1252
  WebName           : Windows-1252
  WindowsCodePage   : 1252
  IsBrowserDisplay  : True
  IsBrowserSave     : True
  IsMailNewsDisplay : True
  IsMailNewsSave    : True
  EncoderFallback   : System.Text.InternalEncoderBestFitFallback
  DecoderFallback   : System.Text.InternalDecoderBestFitFallback
  IsReadOnly        : True
  CodePage          : 1252


On a DOS terminal session get the OS version via "ver":

  ===> ver
  Microsoft Windows [Version 10.0.17134.376]


On the same DOS terminal see the AqBanking version:

  ===> cd "C:\Program Files (x86)\gnucash\bin"
  ===> aqbanking-cli.exe  versions
  3:2018/10/27 
21-25-19:gwen(5224):C:/gcdev64/gnucash/releases/src/gwenhywfar-4.20.0/src/base/i18n.c: 
120: No translation found for WIN32 locale [English_United States.1252]
  Versions:
   AqBanking-CLI: 5.7.8
   Gwenhywfar   : 4.20.0.0
   AqBanking    : 5.7.8.0


AqBanking version 5.7.8 looks like the latest:
  https://www.aquamaniac.de/sites/download/packages.php


Run aqbanking-cli to show your accounts (note the locale error message):

  ===> REM Show the account to work with
  ===> aqbanking-cli  listaccs
  3:2018/10/27 
20-20-43:gwen(8124):C:/gcdev64/gnucash/releases/src/gwenhywfar-4.20.0/src/base/i18n.c: 
120: No translation found for WIN32 locale [English_United States.1252]
  Account www.accountonline.com   YOURCCACCOUNT www.accountonline.com   
Citigroup


Make a request that will show the details of the cert request (password 
required).
I'd be curious as to how your output differs:

  ===> aqbanking-cli  request --balance
  3:2018/10/27 
20-14-37:gwen(10536):C:/gcdev64/gnucash/releases/src/gwenhywfar-4.20.0/src/base/i18n.c: 
120: No translation found for WIN32 locale [English_United States.1252]
  ===== Executing Jobs =====
  AqBanking v5.7.8.0stable
  Sending jobs to the bank(s)
  Locking user YOURUSERID
  ===== Enter Password =====
  Please enter the password for user YOURUSERID
  Input: YOURPASSWORD
  3:2018/10/27 
20-14-44:(null)(10536):C:/gcdev64/gnucash/releases/src/aqbanking-5.7.8/src/plugins/backends/aqofxconnect/plugin/network.c: 
82: Saving response in "/tmp/ofx.log" ...
  Saving communication log to /tmp/ofx.log
  Sending request...
  Connecting to server...
  Resolving hostname "www.accountonline.com" ...
  IP address is "104.65.4.169"
  Connecting to "www.accountonline.com"
  Connected to "www.accountonline.com"
  Using GnuTLS default ciphers.
  TLS: SSL-Ciphers negotiated: TLS1.2:ECDHE-RSA-AES-256-GCM:AEAD
  Signer not found
  Certificate is not trusted
  5:2018/10/27 
20-14-44:aqbanking(10536):C:/gcdev64/gnucash/releases/src/aqbanking-5.7.8/src/libs/aqbanking/gui/abgui.c: 
165: Automatically accepting certificate 
[D0:7D:90:E7:63:F0:59:E0:CE:D2:62:82:61:4A:68:68]
  Connected.
  Sending message...
  Message sent.
  Waiting for response...
  Receiving response...
  HTTP-Status: 200 (OK)
  Response received.
  Disconnecting from server...
  Disconnected.
  Parsing response...
  3:2018/10/27 
20-14-45:(null)(10536):C:/gcdev64/gnucash/releases/src/aqbanking-5.7.8/src/plugins/backends/aqofxconnect/plugin/network.c: 
171: Saving response in "/tmp/ofx.log" ...
  Parsing response
  Status for signon request: Success (Code 0, severity "INFO")
  The server successfully processed the request.
  Status for transaction statement request: Success (Code 0, severity 
"INFO")
  The server successfully processed the request.
  Unlocking user YOURUSERID
  Executing Jobs: 1 of 1
  Postprocessing jobs
  Job Get Balance: finished
  Resetting provider queues
  Executing Jobs: Finished.
  ...

At some point yours will differ and that may give a hint. I assume your 
AqBanking users/accounts is similar to the one I provided previously.

  Jim





_______________________________________________
gnucash-user mailing list
gnucash-user@gnucash.org
To update your subscription preferences or to unsubscribe:
https://lists.gnucash.org/mailman/listinfo/gnucash-user
If you are using Nabble or Gmane, please see 
https://wiki.gnucash.org/wiki/Mailing_Lists for more information.
-----
Please remember to CC this list on all your replies.
You can do this by using Reply-To-List or Reply-All.