{{Quickfixn}} Tls1.2 connection to bloomberg does not send a logon
José Antônio Fonseca
jose.fonseca at plugntrade.com.br
Tue Aug 6 02:43:00 PDT 2019
Hi there,
Try not validating the certificates.
And use pfx files for the certificate.
SSLValidateCertificates=N
Regards,
José Fonseca
From: Quickfixn <quickfixn-bounces at lists.quickfixn.com> On Behalf Of
Matthias Güntert
Sent: terça-feira, 6 de agosto de 2019 03:39
To: Mailing list for QuickFIX/n <quickfixn at lists.quickfixn.com>
Subject: Re: {{Quickfixn}} Tls1.2 connection to bloomberg does not send a
logon
Try the following in your class that implements IApplication
public void ToAdmin(Message message, SessionID sessionId)
{
if (message.Header.GetField(35) == MsgType.LOGON)
{
message.Header.SetField("Username");
message.Header.SetField("Password");
}
}
Best, Matthias
Von: Quickfixn [mailto:quickfixn-bounces at lists.quickfixn.com] Im Auftrag von
Ravi Arcot
Gesendet: Montag, 5. August 2019 22:53
An: quickfixn at lists.quickfixn.com <mailto:quickfixn at lists.quickfixn.com>
Betreff: {{Quickfixn}} Tls1.2 connection to bloomberg does not send a logon
We are using QuickFix/n Version 1.7 and attempting to connect to Bloomberg
with their Tls certificate. We are the initiator and Bloomberg is the
acceptor. The engine creates the session and does not logon. Bloomberg
network engineers say they see the Tls handshake and acknowledgement but no
logon attempt. We attempted the following configuration(s) in the
initiator.cfg.
[SESSION]
..
..
SSLEnable=Y
SSLProtocols=Tls12
SSLValidateCertificates=Y
SSLCheckCertificateRevocation=N
SSLCertificate=C:/KynApps/KynexFixService/certs/cert.pfx
SSLCertificatePassword=xxxxxxx
We also tried
[SESSION]
..
..
SSLEnable=Y
SSLProtocols=Tls12
SSLValidateCertificates=Y
SSLCheckCertificateRevocation=N
SSLCertificate=C:/KynApps/KynexFixService/certs/cert.pem
SSLCertificatePassword=xxxxxxxxxxxxx
SSLCACertificate=C:/KynApps/KynexFixService/certs/CACerts.pem
SSLRequireClientCertificate=Y
If we remove the SSL configs in the quickfix config file and create a
stunnel with the pem certificates, it establishes the session fine. We
prefer to go direct from engine without stunnel.
Appreciate any suggestions on what might be going on if others have gone
down this path and found a resolution.
Thank you in advance.
Best
Ravi Arcot
201.796.4900
ravi at kynex.com <mailto:ravi at kynex.com>
****************************************************************************
*******
The information in this e-mail message may be privileged, confidential, and
protected from disclosure. If you are not the intended recipient, any
dissemination, distribution or copying is strictly prohibited. If you think
that you have received this e-mail message in error, please e-mail the
sender and delete all copies. Thank you.
****************************************************************************
*******
*****************************************************
This e-mail may contain confidential material. It is intended only for the
person or entity which it is addressed to. In case you should not be
supposed to get this e-mail we ask you to delete it without taking notice of
its content. Any views or opinions expressed in this e-mail are those of the
sender and do not necessarily coincide with those of The Swiss Raiffeisen
Group. Therefore this e-mail does not represent a binding agreement nor an
offer to deal. E-Mail transmission can be insecure and can contain errors.
Information could be intercepted, corrupted, lost, destroyed, incomplete or
may contain viruses. Neither The Swiss Raiffeisen Group nor the sender can
accept any liability for any kind of damage as the result of viruses or
transmission errors.
*****************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.quickfixn.com/pipermail/quickfixn-quickfixn.com/attachments/20190806/8674ae1f/attachment.htm>
More information about the Quickfixn
mailing list