http://www.quickfixj.org/ is down; want to look up configuration documentation for TLS 1.2 encryption

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

http://www.quickfixj.org/ is down; want to look up configuration documentation for TLS 1.2 encryption

Tom Tempelaere
QuickFIX/J Documentation: http://www.quickfixj.org/documentation/
QuickFIX/J Support: http://www.quickfixj.org/support/



Hi all,

 

It seems like http://www.quickfixj.org/ is down and as it happens I need to review configuration documentation to see how encrypting the connection using TLS 1.2 is done. This encryption by TLS 1.2 is required by Bloomberg EMSX and there’s no way around that requirement (policy). I am currently on QuickFIX/J version 1.5.3.

 

I’ve surfed to the http://www.quickfixj.org/ site quite a few times recently and I keep getting “Service temporarily unavailable // The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later”. I am wondering if the site is indeed temporarily down or is this going to be permanent?

 

Also, a quick review on how to set TLS 1.2 encryption in configuration and what other things are needed to get this working, would be much appreciated.

 

Kind regards,

---
Tom Tempelaere
Software Architect & IT Management.

Upsilon SA

 


Virus-free. www.avast.com

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Quickfixj-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/quickfixj-users
Reply | Threaded
Open this post in threaded view
|

Re: http://www.quickfixj.org/ is down; want to look up configuration documentation for TLS 1.2 encryption

QuickFIX/J mailing list
QuickFIX/J Documentation: http://www.quickfixj.org/documentation/
QuickFIX/J Support: http://www.quickfixj.org/support/



Hi,

you could check the documentation here: https://github.com/quickfix-j/quickfixj/blob/master/quickfixj-core/src/main/doc/usermanual/usage/configuration.html
There were some things added around SSL/TLS verification in version 1.6.3 of QFJ. So I do not know if it will work with 1.5.3. We are using 1.6.3 to connect to Bloomberg and it works without problems.

Here are the parameters that we use:
SocketUseSSL = Y
EnabledProtocols = TLSv1.2
KeyStoreType = JKS
SocketKeyStore = <path to keystore>
SocketKeyStorePassword = <password>

Hope that helps,
Chris.



On 26/06/17 10:01, Tom Tempelaere wrote:
QuickFIX/J Documentation: http://www.quickfixj.org/documentation/
QuickFIX/J Support: http://www.quickfixj.org/support/




Hi all,

 

It seems like http://www.quickfixj.org/ is down and as it happens I need to review configuration documentation to see how encrypting the connection using TLS 1.2 is done. This encryption by TLS 1.2 is required by Bloomberg EMSX and there’s no way around that requirement (policy). I am currently on QuickFIX/J version 1.5.3.

 

I’ve surfed to the http://www.quickfixj.org/ site quite a few times recently and I keep getting “Service temporarily unavailable // The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later”. I am wondering if the site is indeed temporarily down or is this going to be permanent?

 

Also, a quick review on how to set TLS 1.2 encryption in configuration and what other things are needed to get this working, would be much appreciated.

 

Kind regards,

---
Tom Tempelaere
Software Architect & IT Management.

Upsilon SA

 


Virus-free. www.avast.com


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot


_______________________________________________
Quickfixj-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/quickfixj-users

--
Christoph John
Development & Support
Direct: +49 241 557080-28
Mailto:Christoph.John@...



http://www.macd.com


MACD GmbH
Oppenhoffallee 103
D-52066 Aachen
Tel: +49 241 557080-0 | Fax: +49 241 557080-10
 Amtsgericht Aachen: HRB 8151
Ust.-Id: DE 813021663

Geschäftsführer: George Macdonald


take care of the environment - print only if necessary

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Quickfixj-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/quickfixj-users
Reply | Threaded
Open this post in threaded view
|

Re: http://www.quickfixj.org/ is down; want to look up configuration documentation for TLS 1.2 encryption

Tom Tempelaere
QuickFIX/J Documentation: http://www.quickfixj.org/documentation/
QuickFIX/J Support: http://www.quickfixj.org/support/



Thank you for the prompt reponse John, I will check it out.

 

Kind regards,

---
Tom Tempelaere
Software Architect & IT Management.

Upsilon SA.

 

From: Christoph John [mailto:[hidden email]]
Sent: 26 June 2017 10:33
To: [hidden email]; [hidden email]
Subject: Re: [Quickfixj-users] http://www.quickfixj.org/ is down; want to look up configuration documentation for TLS 1.2 encryption

 

Hi,

you could check the documentation here: https://github.com/quickfix-j/quickfixj/blob/master/quickfixj-core/src/main/doc/usermanual/usage/configuration.html
There were some things added around SSL/TLS verification in version 1.6.3 of QFJ. So I do not know if it will work with 1.5.3. We are using 1.6.3 to connect to Bloomberg and it works without problems.

Here are the parameters that we use:
SocketUseSSL = Y
EnabledProtocols = TLSv1.2
KeyStoreType = JKS
SocketKeyStore = <path to keystore>
SocketKeyStorePassword = <password>

Hope that helps,
Chris.


On 26/06/17 10:01, Tom Tempelaere wrote:

QuickFIX/J Documentation: http://www.quickfixj.org/documentation/
QuickFIX/J Support: http://www.quickfixj.org/support/
 
 




Hi all,

 

It seems like http://www.quickfixj.org/ is down and as it happens I need to review configuration documentation to see how encrypting the connection using TLS 1.2 is done. This encryption by TLS 1.2 is required by Bloomberg EMSX and there’s no way around that requirement (policy). I am currently on QuickFIX/J version 1.5.3.

 

I’ve surfed to the http://www.quickfixj.org/ site quite a few times recently and I keep getting “Service temporarily unavailable // The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later”. I am wondering if the site is indeed temporarily down or is this going to be permanent?

 

Also, a quick review on how to set TLS 1.2 encryption in configuration and what other things are needed to get this working, would be much appreciated.

 

Kind regards,

---
Tom Tempelaere
Software Architect & IT Management.

Upsilon SA

 

 

Virus-free. www.avast.com




------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot




_______________________________________________
Quickfixj-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/quickfixj-users

 

--

Christoph John
Development & Support
Direct: +49 241 557080-28
Mailto:Christoph.John@...




http://www.macd.com



MACD GmbH
Oppenhoffallee 103
D-52066 Aachen
Tel: +49 241 557080-0 | Fax: +49 241 557080-10

 Amtsgericht Aachen: HRB 8151
Ust.-Id: DE 813021663

Geschäftsführer: George Macdonald



take care of the environment - print only if necessary


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Quickfixj-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/quickfixj-users
Reply | Threaded
Open this post in threaded view
|

Re: http://www.quickfixj.org/ is down; want to look up configuration documentation for TLS 1.2 encryption

Tom Tempelaere
In reply to this post by QuickFIX/J mailing list
QuickFIX/J Documentation: http://www.quickfixj.org/documentation/
QuickFIX/J Support: http://www.quickfixj.org/support/



Hi John,

 

I ended up doing it with QuickFIX/J 1.5.3 using the JKS certificate sent by Bloomberg.  The certification zipfile they sent has four sub-folders: cms, jks, pem and pkcs12. I copied the cert.jks file from the jks subfolder to the application folder my FIX module is running from, and supplied the following in fixengine.cfg for the session:

 

SocketUseSSL=Y

SocketKeyStore=cert.jks

SocketKeyStorePassword=<password from jks/password.txt>

EnabledProtocols=TLSv1.2

 

The KeyStoreType configuration setting isn’t available in 1.5.3, but apparantly QuickFIX/J takes JKS by default.

 

Thanks for your input John 😊. Much obliged!

 

Kind regards,

---
Tom Tempelaere
Upsilon SA

 

From: Christoph John [mailto:[hidden email]]
Sent: 26 June 2017 10:33
To: [hidden email]; [hidden email]
Subject: Re: [Quickfixj-users] http://www.quickfixj.org/ is down; want to look up configuration documentation for TLS 1.2 encryption

 

Hi,

you could check the documentation here: https://github.com/quickfix-j/quickfixj/blob/master/quickfixj-core/src/main/doc/usermanual/usage/configuration.html
There were some things added around SSL/TLS verification in version 1.6.3 of QFJ. So I do not know if it will work with 1.5.3. We are using 1.6.3 to connect to Bloomberg and it works without problems.

Here are the parameters that we use:
SocketUseSSL = Y
EnabledProtocols = TLSv1.2
KeyStoreType = JKS
SocketKeyStore = <path to keystore>
SocketKeyStorePassword = <password>

Hope that helps,
Chris.


On 26/06/17 10:01, Tom Tempelaere wrote:

QuickFIX/J Documentation: http://www.quickfixj.org/documentation/
QuickFIX/J Support: http://www.quickfixj.org/support/
 
 




Hi all,

 

It seems like http://www.quickfixj.org/ is down and as it happens I need to review configuration documentation to see how encrypting the connection using TLS 1.2 is done. This encryption by TLS 1.2 is required by Bloomberg EMSX and there’s no way around that requirement (policy). I am currently on QuickFIX/J version 1.5.3.

 

I’ve surfed to the http://www.quickfixj.org/ site quite a few times recently and I keep getting “Service temporarily unavailable // The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later”. I am wondering if the site is indeed temporarily down or is this going to be permanent?

 

Also, a quick review on how to set TLS 1.2 encryption in configuration and what other things are needed to get this working, would be much appreciated.

 

Kind regards,

---
Tom Tempelaere
Software Architect & IT Management.

Upsilon SA

 

 

Virus-free. www.avast.com




------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot




_______________________________________________
Quickfixj-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/quickfixj-users

 

--

Christoph John
Development & Support
Direct: +49 241 557080-28
Mailto:Christoph.John@...




http://www.macd.com



MACD GmbH
Oppenhoffallee 103
D-52066 Aachen
Tel: +49 241 557080-0 | Fax: +49 241 557080-10

 Amtsgericht Aachen: HRB 8151
Ust.-Id: DE 813021663

Geschäftsführer: George Macdonald



take care of the environment - print only if necessary


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Quickfixj-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/quickfixj-users
Reply | Threaded
Open this post in threaded view
|

Re: http://www.quickfixj.org/ is down; want to look up configuration documentation for TLS 1.2 encryption

QuickFIX/J mailing list
QuickFIX/J Documentation: http://www.quickfixj.org/documentation/
QuickFIX/J Support: http://www.quickfixj.org/support/



Hi Tom,

great, thanks for the update. :)

Cheers,
Chris.


On 29/06/17 10:47, Tom Tempelaere wrote:

Hi John,

 

I ended up doing it with QuickFIX/J 1.5.3 using the JKS certificate sent by Bloomberg.  The certification zipfile they sent has four sub-folders: cms, jks, pem and pkcs12. I copied the cert.jks file from the jks subfolder to the application folder my FIX module is running from, and supplied the following in fixengine.cfg for the session:

 

SocketUseSSL=Y

SocketKeyStore=cert.jks

SocketKeyStorePassword=<password from jks/password.txt>

EnabledProtocols=TLSv1.2

 

The KeyStoreType configuration setting isn’t available in 1.5.3, but apparantly QuickFIX/J takes JKS by default.

 

Thanks for your input John 😊. Much obliged!

 

Kind regards,

---
Tom Tempelaere
Upsilon SA

 

From: Christoph John [[hidden email]]
Sent: 26 June 2017 10:33
To: [hidden email]; [hidden email]
Subject: Re: [Quickfixj-users] http://www.quickfixj.org/ is down; want to look up configuration documentation for TLS 1.2 encryption

 

Hi,

you could check the documentation here: https://github.com/quickfix-j/quickfixj/blob/master/quickfixj-core/src/main/doc/usermanual/usage/configuration.html
There were some things added around SSL/TLS verification in version 1.6.3 of QFJ. So I do not know if it will work with 1.5.3. We are using 1.6.3 to connect to Bloomberg and it works without problems.

Here are the parameters that we use:
SocketUseSSL = Y
EnabledProtocols = TLSv1.2
KeyStoreType = JKS
SocketKeyStore = <path to keystore>
SocketKeyStorePassword = <password>

Hope that helps,
Chris.


On 26/06/17 10:01, Tom Tempelaere wrote:

QuickFIX/J Documentation: http://www.quickfixj.org/documentation/
QuickFIX/J Support: http://www.quickfixj.org/support/
 
 




Hi all,

 

It seems like http://www.quickfixj.org/ is down and as it happens I need to review configuration documentation to see how encrypting the connection using TLS 1.2 is done. This encryption by TLS 1.2 is required by Bloomberg EMSX and there’s no way around that requirement (policy). I am currently on QuickFIX/J version 1.5.3.

 

I’ve surfed to the http://www.quickfixj.org/ site quite a few times recently and I keep getting “Service temporarily unavailable // The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later”. I am wondering if the site is indeed temporarily down or is this going to be permanent?

 

Also, a quick review on how to set TLS 1.2 encryption in configuration and what other things are needed to get this working, would be much appreciated.

 

Kind regards,

---
Tom Tempelaere
Software Architect & IT Management.

Upsilon SA

 

 

Virus-free. www.avast.com

take care of the environment - print only if necessary


--
Christoph John
Development & Support
Direct: +49 241 557080-28
Mailto:Christoph.John@...



http://www.macd.com


MACD GmbH
Oppenhoffallee 103
D-52066 Aachen
Tel: +49 241 557080-0 | Fax: +49 241 557080-10
 Amtsgericht Aachen: HRB 8151
Ust.-Id: DE 813021663

Geschäftsführer: George Macdonald


take care of the environment - print only if necessary

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Quickfixj-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/quickfixj-users