9

I'm trying to connect to Bloomberg through the FIX protocol (4.4) using QuickFIX/n.

Bloomberg requires to use the TLS 1.2 protocol. I have installed the PFX certificate following the instructions.

My current FIX config file looks as follows:

[DEFAULT]
ConnectionType=initiator
ReconnectInterval=2
FileStorePath=store
FileLogPath=fixlog
StartTime=06:00:00
StartDay=monday
EndTime=22:00:00
EndDay=friday
SocketConnectHost=xxx.xx.xxx.xx
SocketConnectPort=8228

# standard config elements

[SESSION]
BeginString=FIX.4.4
SenderCompID=MY_COMP_ID
TargetCompID=BBG_COMP_ID 
HeartBtInt=60
ValidateFieldsOutOfOrder=N
UseDataDictionary=Y
DataDictionary=FIX_BBG.xml
CheckLatency=N

[SSL]
SSLEnable=Y
SSLProtocols=Tls12
SSLValidateCertificates=Y  
SSLCheckCertificateRevocation=N   
SSLCertificate=C:\Services\FixEngineService\cert\pkcs12\cert.pfx   
SSLCertificatePassword=xxxxxxxxxxxx

When I open the session, I immediately get disconnected. Actually, it's not a network problem as the server is reached. Bloomberg tells me that they have an "Unknown Protocol" message. I don't get any log on my side.

Do you see something wrong in my configuration? Is there someone that successfully set up a quickfix connection with Bloomberg? If yes what could be wrong in my settings from your experience?

TT.
  • 15,774
  • 6
  • 47
  • 88
Fede
  • 804
  • 1
  • 10
  • 21

2 Answers2

7

You should put the SSL options under the session that it applies to. In your case:

[SESSION]
BeginString=FIX.4.4
SenderCompID=MY_COMP_ID
TargetCompID=BBG_COMP_ID 
HeartBtInt=60
ValidateFieldsOutOfOrder=N
UseDataDictionary=Y
DataDictionary=FIX_BBG.xml
CheckLatency=N
SSLEnable=Y
SSLProtocols=Tls12
SSLValidateCertificates=Y  
SSLCheckCertificateRevocation=N   
SSLCertificate=C:\Services\FixEngineService\cert\pkcs12\cert.pfx   
SSLCertificatePassword=xxxxxxxxxxxx
TT.
  • 15,774
  • 6
  • 47
  • 88
3

I post the config that worked for me. In case other people struggle with the same configuration issue.

[DEFAULT]
ConnectionType=initiator
ReconnectInterval=2
FileStorePath=store
FileLogPath=fixlog
StartTime=06:00:00
StartDay=monday
EndTime=22:00:00
EndDay=friday
SocketConnectHost=xxxx.xx.xxx.32 
SocketConnectPort=8228


# standard config elements

[SESSION]
BeginString=FIX.4.4
SenderCompID=MAP_MY_BETA
TargetCompID=MAP_BLP_BETA
HeartBtInt=60
ValidateFieldsOutOfOrder=N
UseDataDictionary=Y
DataDictionary=FIX_BBG.xml
CheckLatency=N
SSLEnable=Y
SSLProtocols=Tls12
SSLValidateCertificates=N
SSLCheckCertificateRevocation=N
SSLCertificate=C:\Services\FixEngineService\cert\pem\cert.pem
SSLCertificatePassword=xxxxxxxxxx
SSLCACertificate=C:\Services\FixEngineService\cert\pem\CACerts.pem
SSLRequireClientCertificate=Y

Also don't forget to import the pfx certificat for the right user.

Best,

Fede
  • 804
  • 1
  • 10
  • 21
  • 1
    Just to add (because Bloomberg might not tell you): As Fede said, import the pfx certificate. On Windows, double click on the certificate and the wizard will pop up. The default choices worked in our case. – Charles Plager Mar 07 '18 at 19:33
  • It looks to me like this works because you're disabling the check on the certificate with SSLValidateCertificate=N -- that's a bit of a security hole. – Tim Barrass Mar 01 '22 at 21:36