QuickFIX/n Bloomberg configuration

Asked 25/10, 2017 at 15:28 Answered 25/10, 2017 at 17:32

Solved tls1.2 quickfix fix-protocol quickfixn

I'm trying to connect to Bloomberg through the FIX protocol (4.4) using QuickFIX/n.

Bloomberg requires to use the TLS 1.2 protocol. I have installed the PFX certificate following the instructions.

My current FIX config file looks as follows:

[DEFAULT]
ConnectionType=initiator
ReconnectInterval=2
FileStorePath=store
FileLogPath=fixlog
StartTime=06:00:00
StartDay=monday
EndTime=22:00:00
EndDay=friday
SocketConnectHost=xxx.xx.xxx.xx
SocketConnectPort=8228

# standard config elements

[SESSION]
BeginString=FIX.4.4
SenderCompID=MY_COMP_ID
TargetCompID=BBG_COMP_ID 
HeartBtInt=60
ValidateFieldsOutOfOrder=N
UseDataDictionary=Y
DataDictionary=FIX_BBG.xml
CheckLatency=N

[SSL]
SSLEnable=Y
SSLProtocols=Tls12
SSLValidateCertificates=Y  
SSLCheckCertificateRevocation=N   
SSLCertificate=C:\Services\FixEngineService\cert\pkcs12\cert.pfx   
SSLCertificatePassword=xxxxxxxxxxxx

When I open the session, I immediately get disconnected. Actually, it's not a network problem as the server is reached. Bloomberg tells me that they have an "Unknown Protocol" message. I don't get any log on my side.

Do you see something wrong in my configuration? Is there someone that successfully set up a quickfix connection with Bloomberg? If yes what could be wrong in my settings from your experience?

Pentstemon answered 25/10, 2017 at 15:28 Comment(0)

You should put the SSL options under the session that it applies to. In your case:

[SESSION]
BeginString=FIX.4.4
SenderCompID=MY_COMP_ID
TargetCompID=BBG_COMP_ID 
HeartBtInt=60
ValidateFieldsOutOfOrder=N
UseDataDictionary=Y
DataDictionary=FIX_BBG.xml
CheckLatency=N
SSLEnable=Y
SSLProtocols=Tls12
SSLValidateCertificates=Y  
SSLCheckCertificateRevocation=N   
SSLCertificate=C:\Services\FixEngineService\cert\pkcs12\cert.pfx   
SSLCertificatePassword=xxxxxxxxxxxx

Underhill answered 25/10, 2017 at 17:8 Comment(0)

I post the config that worked for me. In case other people struggle with the same configuration issue.

[DEFAULT]
ConnectionType=initiator
ReconnectInterval=2
FileStorePath=store
FileLogPath=fixlog
StartTime=06:00:00
StartDay=monday
EndTime=22:00:00
EndDay=friday
SocketConnectHost=xxxx.xx.xxx.32 
SocketConnectPort=8228


# standard config elements

[SESSION]
BeginString=FIX.4.4
SenderCompID=MAP_MY_BETA
TargetCompID=MAP_BLP_BETA
HeartBtInt=60
ValidateFieldsOutOfOrder=N
UseDataDictionary=Y
DataDictionary=FIX_BBG.xml
CheckLatency=N
SSLEnable=Y
SSLProtocols=Tls12
SSLValidateCertificates=N
SSLCheckCertificateRevocation=N
SSLCertificate=C:\Services\FixEngineService\cert\pem\cert.pem
SSLCertificatePassword=xxxxxxxxxx
SSLCACertificate=C:\Services\FixEngineService\cert\pem\CACerts.pem
SSLRequireClientCertificate=Y

Also don't forget to import the pfx certificat for the right user.

Best,

Pentstemon answered 25/10, 2017 at 17:32 Comment(2)

Just to add (because Bloomberg might not tell you): As Fede said, import the pfx certificate. On Windows, double click on the certificate and the wizard will pop up. The default choices worked in our case. – Gallant 7/3, 2018 at 19:33

It looks to me like this works because you're disabling the check on the certificate with SSLValidateCertificate=N -- that's a bit of a security hole. – Lynnelynnea 1/3, 2022 at 21:36

Recommended topics

Hot tags