797191 – Gnu Cash does not save certificates permanently

Bug 797191 - Gnu Cash does not save certificates permanently

Summary: Gnu Cash does not save certificates permanently

Status:	RESOLVED FIXED

Alias:	None

Product:	GnuCash
Classification:	Unclassified
Component:	Import - AqBanking (show other bugs)
Version:	3.4
Hardware:	PC Linux

Importance:	Normal normal
Target Milestone:	---
Assignee:	import
QA Contact:	import

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2019-04-11 16:14 EDT by goebbe
Modified:	2020-05-12 17:09 EDT (History)
CC List:	6 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description goebbe 2019-04-11 16:14:51 EDT

Using GnuCash 3.4, the certificate of my bank are not saved permanently. 

As a result I get asked to accept the certificate, every time GnuCash requires the certificate for only activities. 
For example, if I want to get the balance of an account (via hbci), I get asked to accept the certificate up to three times per account. 

I already tried to reconfigure aqbanking and renew the bank and account information - but get the same result.
I am not even asked if I want to save the certificates permanently. 

aqbanking-cli versions
Versions:
 AqBanking-CLI: 5.7.8
 Gwenhywfar   : 4.20.0.0
 AqBanking    : 5.7.8.0

Is there a way to save the certificates manually (and permanently)?

Please let me know, if you need additional information.

Comment 1 Simon 2019-08-31 14:01:10 EDT

I can confirm this bug, happens for me as well (started more or less recently).
Ubuntu 18.04
gnucash -v
GnuCash 2.6.19
Dieses Programm wurde aus Version c1b5e6c8d+ am 2018-04-09 erstellt.

Comment 2 Frank H. Ellenberger 2020-05-12 16:02:48 EDT

This was not spotted by the right developers, because you did not assign the right component.

Is it still the case with the currently last stable release 3.10?
If you distribution does not offer it, test please following https://wiki.gnucash.org/wiki/De/Flatpak.

Comment 3 goebbe 2020-05-12 16:26:36 EDT

Sorry, for assigning the wrong component. :-)

Currently, I use a build of 3.8 from Ingo Haschlers PPA (Ubuntu 18.04):
https://launchpad.net/~ingo/+archive/ubuntu/gnucash
The reason I switched to this build was the PSD2 support.

I do not observe the reported issue with this build (3.8). 

Should I test the latest 3.10 build (Flatpak) and report, here?

Comment 4 John Ralls 2020-05-12 16:39:56 EDT

Please do, though it might not be a conclusive test: I don't know if a flatpak build can write to your keychain.

Comment 5 goebbe 2020-05-12 16:59:13 EDT

O.k. I just installed the latest stable build from Flathub: 3.10-1

Using the latest Flathub build, I was able to get the transaction for several accounts (via hbci) - without being asked to accept the certificates.
(For an existing account, I guess this is the expected behaviour)  :-) 

Thank you very much for fixing this problem!

Comment 6 John Ralls 2020-05-12 17:09:29 EDT

It was probably an AQBanking problem anyway. I don't think we get in the middle of the ssl handshaking.

Note You need to log in before you can comment on or make changes to this bug.