John, Using those settings got me different information in the dialog. However I still don't have an option to associate the accounts. When I close the dialogs I'm back to "Start Online Banking Wizard" and the match step is still grey.
11:24:16 Saving communication log to 1 11:24:16 Sending request... 11:24:16 Using GnuTLS default ciphers. 11:24:16 TLS: SSL-Ciphers negotiated: TLS1.3:ECDHE-RSA-AES-256-GCM:AEAD 11:24:16 Waiting for response... 11:24:17 Saving communication log to 1 11:24:17 Parsing response... 11:24:17 Status for signon request: Success (Code 0, severity "INFO") The server successfully processed the request. 11:24:17 Status for account info request: Success (Code 0, severity "INFO") The server successfully processed the request. 11:24:17 Received account XXXXXXXXX/XXXXXXXXXX ((no bank name)/ACCOUNT) 11:24:17 Received account XXXXXXXXX/XXXXXXXXXX ((no bank name)/ACCOUNT) 11:24:17 Received account (no bank code)/XXXXXXXXXXXXXXXX ((no bank name)/ACCOUNT) 11:24:17 Operation finished, you can now close this window. Jon On Mon, 2020-05-25 at 09:09 -0700, John Ralls wrote: > Jon, > > The Application Settings I use for USAA are > Application ID: QWIN > Application Version: 2200 > Header Version: 102 > > In Special Settings: > HTTP Version, Client UID, and Security Type are blank, Force SSLv3 and Send > Short Date are checked, and Send Empty Bank ID and Send Empty FID are > unchecked. > > Another user had trouble with USAA because he had entered a Client UID on the > User Settings page, so make sure that's blank too. > > Yes, SSL v3 is less secure than TLS, but it's better than sending the data in > the clear, and yes, the authentication that USAA uses on OFX DirectConnect is > less than ideal. > > Regards, > John Ralls > > > > On May 25, 2020, at 8:59 AM, Jon Schewe <jpsch...@mtu.net> wrote: > > Alan, > > Thanks for the suggestion. I tried not setting any special settings and > make sure the SSL v3 is unchecked. Still no change. > > As far as security goes, this method for getting my transactions > appears less secure than using Web Connect. When I login to get to the > Web Connect download I need to enter a one time password from my phone, > but for Direct Connect I only need my PIN. > > Jon > > On Mon, 2020-05-25 at 11:48 -0400, Alan wrote: > > Jon, > > Disable SSL v3. Info at wiki.gnucash.org is wrong. It's not secure, and no > reputable financial institution should be supporting it for financial > transactions. > > As of this moment, USAA is only supporting TLS 1.2 and 1.3, which are secure. > Suggest not setting any of the "special settings" options, and never enable > SSL > v2 or v3 for any program, except for testing with non-sensitive data. > > -----Original Message----- > From: gnucash-user > [mailto:gnucash-user-bounces+alangnuc=bigtowers....@gnucash.org] On Behalf Of > Jon Schewe > Sent: Monday, May 25, 2020 10:36 AM > To: gnucash-user <gnucash-user@gnucash.org> > Subject: [GNC] Using Quicken direct connect with USAA > > I have been using the Web Connect with USAA for years and that's worked great. > However now I see that they are discontinuing support for this feature. So I'm > trying to setup Direct Connect. I found the instructions for setting up USAA > at > https://wiki.gnucash.org/wiki/OFX_Direct_Connect_Bank_Settings#USAA, > however I'm not seeing the "Server Capabilities" tab to select the account > list > download options. > > I'm using GnuCash 3.10 from flatpak. > I'm on Linux. > > I have the following Settings: > "User Settings" > User Name, User id and Client UID all set to my USAA number. I have tried both > with the 00 prefix and without. > > "Bank Settings" > Broker ID: 5874 > FID: 24591 > ORG: USAA > Server URL: https://service2.usaa.com/ofx/OFXServlet > > "Application Settings" > I've tried the default application settings and the settings that should be > for > Quicken 2017: > Application ID: QWIN > Application Version: 2600 > Header Version: 102 > > Under "Special Settings" I've tried HTTP Version blank, 1.0 and 1.1. > I've checked "Force SSLv3". > > When I go back to the "Bank Settings" tab I see the following after clicking > on > "Retrieve Account List". > > 09:26:37 Sending request... > 09:26:37 Using GnuTLS default ciphers. > 09:26:37 TLS: SSL-Ciphers negotiated: TLS1.3:ECDHE-RSA-AES-256-GCM:AEAD > 09:26:37 Waiting for response... > 09:26:37 Operation finished, you can now close this window. > > The AqBanking Setup never lets me get to the point of associating USAA > accounts > with GnuCash accounts. Can someone give me some pointers on what is wrong > here? > > Thank you, > Jon > > > > _______________________________________________ > gnucash-user mailing list > gnucash-user@gnucash.org > To update your subscription preferences or to unsubscribe: > https://lists.gnucash.org/mailman/listinfo/gnucash-user > If you are using Nabble or Gmane, please see > https://wiki.gnucash.org/wiki/Mailing_Lists for more information. > ----- > Please remember to CC this list on all your replies. > You can do this by using Reply-To-List or Reply-All. > > _______________________________________________ gnucash-user mailing list gnucash-user@gnucash.org To update your subscription preferences or to unsubscribe: https://lists.gnucash.org/mailman/listinfo/gnucash-user If you are using Nabble or Gmane, please see https://wiki.gnucash.org/wiki/Mailing_Lists for more information. ----- Please remember to CC this list on all your replies. You can do this by using Reply-To-List or Reply-All.
