Hi Jeff,
I do not think that aqbanking checks against the system certificates. But you
should have to accept a certificate only once. BUT when called directly from
Gnucash aqbanking this does not work. It only remembers the certificate when
called from the the command line e.g. with
"/Applications/Gnucash.app/Contents/MacOS/aqbanking-cli request —balance”.
After that it will only ask you again when the certificate changes.
Cheers,
Christoph
> Am 16.01.2018 um 04:33 schrieb Jeff Kletsky :
>
> I haven't been able to find much on getting past AqBanking not verifying
> certificates for OFX connections.
>
> https://wiki.gnucash.org/wiki/De/Setting_up_OFXDirectConnect_in_GnuCash_2
> says to "blindly" accept them, which seems risky in this day and age. I found
> a question around it asked on the list, but unanswered on 2016-11-23, "OFX
> connection certificate troubles"
>
> http://www.linuxsecurity.com/content/view/188984/102/ suggests that
> gwenhywfar was patched to "use system ca-certificates" in 2015.
>
> Before I dig further into this, is there a way to have the certificates
> properly validated and, ideally, the revocation list checked? MacOS X here,
> but a "generic" solution as a framework would also help!
>
> Thanks,
>
> Jeff
>
>
> ___
> gnucash-user mailing list
> gnucash-user@gnucash.org
> https://lists.gnucash.org/mailman/listinfo/gnucash-user
> -
> Please remember to CC this list on all your replies.
> You can do this by using Reply-To-List or Reply-All.
___
gnucash-user mailing list
gnucash-user@gnucash.org
https://lists.gnucash.org/mailman/listinfo/gnucash-user
-
Please remember to CC this list on all your replies.
You can do this by using Reply-To-List or Reply-All.
