AqBanking

From GnuCash
Revision as of 21:08, 16 February 2007 by Cstim (talk | contribs) (finalize instructions)
Jump to: navigation, search

Setting up a HBCI PIN/TAN account

By Commandline

This instructions will explain how to set up a HBCI account with PIN/TAN authentification. The access data is from a test account that can be used by any gnucash developer; the instructions are also in src/import-export/hbci/HACKING-HBCITEST.txt.

Instructions are copied from http://linuxwiki.de/AqBanking/aqhbci-tool where they are in German.

We assume you have aqbanking and gnucash installed, and aqbanking's program aqhbci-tool is in your PATH.

1. Create/register a new security medium in AqBanking 

aqhbci-tool addmedium -t pintan

2. Find out the index number of the newly created security medium 

aqhbci-tool listmedia

The output will be something like 

Medium 0: "PINTAN-20070216-214030" (pintan)

and the important part is the first number, here: 0.

3. Create a HBCI user 

aqhbci-tool adduser -m N -s SERVERURL -b BANKCODE -u USERID

where N is the medium number (0), SERVERURL is the full URL of the server application, BANKCODE is the bank code, and USERID is the identification string of the user that is allowed to access this account. For the test account, we have the following: 

aqhbci-tool adduser -m 0 -s www.hora-obscura.de/pintan/PinTanServlet -b 80007777 -u gnucash

There is an optional argument of the CUSTOMERID, but this concerns you only if your bank explicitly said you have to use some extra customer id that is different from the user id.

4. Retrieve a system identification number. This system identification is necessary for the HBCI protocol to identify you and your software; if this step is forgotten or fails, nothing else will work. 

aqhbci-tool getsysid -b BANKCODE

This command will ask you several questions. First it retrieves the server certificate and asks you whether you accept it. Then it asks whether you want to accept the certificate only this session or forever. Eventually, you have to enter the PIN number (password) of your online banking account. (For the gnucash test account, this is 12345.) The full output looks e.g. like this: 

===== Certificate Received =====
The following certificate has been received:
Name        : www.hora-obscura.de
Organisation: www.hora-obscura.de
Department  : GT90185227
Country     : DE
City        : unknown
State       : unknown
Valid after : 2007/02/15 14:28:06
Valid until : 2008/05/17 14:28:06
Hash        : 69:CF:A0:D9:EA:1F:4B:DA:5F:FA:7D:EE:75:87:C9:FF
Status      : Certificate is valid
Do you wish to accept this certificate?
(1) Yes  (2) No
Please enter your choice: 1
===== Certificate =====
Do you want to accept this certificate permanently?
(1) Permanently  (2) This session only  (3) Abort
Please enter your choice: 1
===== Enter Password =====
Please enter the password for 
PINTAN-20070216-215639
Input: *****

Any additional (error) messages can be ignored for now; just continue to work.

5. List the resulting accounts 

aqhbci-tool listaccounts

The bank server should have sent a list of accounts in the last step already. If this is the case, you can view the list of accessible accounts now. The output for the gnucash test should look like this: 

Account 0: Bank: 80007777 Account Number: 2501111538
Account 1: Bank: 80007777 Account Number: 2501111539
Account 2: Bank: 80007777 Account Number: 2501111540

If you've come this far, then congratulations: Your online access works!

6. Use the HBCI accounts in gnucash. In order to access the accounts from gnucash, you need to match a HBCI account to one of your gnucash accounts each. The next time you start gnucash, press "Tools -> Online Banking Setup" to use the online banking setup wizard. Press "Next" there. Ignore the text that says you should start the external program "AqBanking setup wizard", because you've already set up aqbanking by the command line. Because of this, press "Next" again.

You will now arrive at the "Match HBCI accounts with GnuCash accounts" window. You should see the three accounts mentioned above in the left column of the wizard window.

Click on an account name on the left (the account defined in the AqBanking setup wizard configuration), and select the GnuCash account that should be associated with it.

Click the Forward button.

In the next window, click the Apply button.

You're now ready to use the HBCI accounts from the respective GnuCash register windows. See Setting_up_OFXDirectConnect_in_GnuCash_2#Using_Gnucash_to_download_transactions_directly_to_an_account_register on how to do this.

Retrieved from "https://wiki.gnucash.org/wiki/index.php?title=AqBanking&oldid=3283"