I checked the /vendor/nemiah/php-fints/lib/Fhp/Connection.php file and found there a custom user agent.
I tried to change this value, this works not in the application but if I do a plain curl with option -A specified it is sometimes working (see below).
Issue
Good day, I used your application the past months without any problem, it seems that comdirect changed something on their end.
I receive the following issue:
Configuration
Inside Docker Container
I checked the
/vendor/nemiah/php-fints/lib/Fhp/Connection.php
file and found there a custom user agent. I tried to change this value, this works not in the application but if I do a plain curl with option -A specified it is sometimes working (see below).Curl with User-Agent phpFinTS
I receive no anwser.
curl Output
``` /app/configurations # curl -A "phpFinTS" -v https://fints.comdirect.de/fints * Trying 193.41.133.14:443... * Connected to fints.comdirect.de (193.41.133.14) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/ssl/certs/ca-certificates.crt * CApath: none * TLSv1.3 (OUT), TLS handshake, Client hello (1): * TLSv1.3 (IN), TLS handshake, Server hello (2): * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8): * TLSv1.3 (IN), TLS handshake, Certificate (11): * TLSv1.3 (IN), TLS handshake, CERT verify (15): * TLSv1.3 (IN), TLS handshake, Finished (20): * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1): * TLSv1.3 (OUT), TLS handshake, Finished (20): * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 * ALPN, server did not agree to a protocol * Server certificate: * subject: businessCategory=Private Organization; serialNumber=HRB 32000; jurisdictionC=DE; jurisdictionL=Frankfurt am Main; jurisdictionST=Hessen; C=DE; ST=Hessen; L=Frankfurt am Main; street=Kaiserstrasse 16; O=COMMERZBANK AG; CN=fints.comdirect.de * start date: Nov 29 07:21:16 2021 GMT * expire date: Dec 31 07:21:16 2022 GMT * subjectAltName: host "fints.comdirect.de" matched cert's "fints.comdirect.de" * issuer: C=BE; O=GlobalSign nv-sa; CN=GlobalSign Extended Validation CA - SHA256 - G3 * SSL certificate verify ok. > GET /fints HTTP/1.1 > Host: fints.comdirect.de > User-Agent: phpFinTS > Accept: */* > * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4): ^C ```Curl with User-Agent Mozilla Chrome Safari
I receive a answer.
curl Output
``` /app/configurations # curl -A "Mozilla Chrome Safari" -v https://fints.comdirect.de/fints * Trying 193.41.133.14:443... * Connected to fints.comdirect.de (193.41.133.14) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/ssl/certs/ca-certificates.crt * CApath: none * TLSv1.3 (OUT), TLS handshake, Client hello (1): * TLSv1.3 (IN), TLS handshake, Server hello (2): * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8): * TLSv1.3 (IN), TLS handshake, Certificate (11): * TLSv1.3 (IN), TLS handshake, CERT verify (15): * TLSv1.3 (IN), TLS handshake, Finished (20): * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1): * TLSv1.3 (OUT), TLS handshake, Finished (20): * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 * ALPN, server did not agree to a protocol * Server certificate: * subject: businessCategory=Private Organization; serialNumber=HRB 32000; jurisdictionC=DE; jurisdictionL=Frankfurt am Main; jurisdictionST=Hessen; C=DE; ST=Hessen; L=Frankfurt am Main; street=Kaiserstrasse 16; O=COMMERZBANK AG; CN=fints.comdirect.de * start date: Nov 29 07:21:16 2021 GMT * expire date: Dec 31 07:21:16 2022 GMT * subjectAltName: host "fints.comdirect.de" matched cert's "fints.comdirect.de" * issuer: C=BE; O=GlobalSign nv-sa; CN=GlobalSign Extended Validation CA - SHA256 - G3 * SSL certificate verify ok. > GET /fints HTTP/1.1 > Host: fints.comdirect.de > User-Agent: Mozilla Chrome Safari > Accept: */* > * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4): * Mark bundle as not supporting multiuse < HTTP/1.1 200 200 < Date: Sat, 30 Apr 2022 08:52:08 GMT < Server: Apache < Strict-Transport-Security: max-age=31536000; includeSubDomains < x-tr-requestticket: 98rytT8seYXXXXXXXXRoDBH2CgQA < Cache-Control: no-cache, no-store, must-revalidate < Pragma: no-cache < Expires: Thu, 01 Jan 1970 00:00:00 GMT < Content-Length: 262 < SE5IQks6MTozKzAw[obfuscated because of privacy ..............,.........................,] OTkn SElSTUc6MjoyKzkw[obfuscated because of privacy............................................ ]VyLis5ODAwOjpEaWFs b2cgYWJnZWJyb2N[obfuscated because of privacy............................................ ]W5zdGVsbHVuZzpubyBk * Connection #0 to host fints.comdirect.de left intact ```Another try gives me no answer
curl Output
``` /app/configurations # curl -A "Mozilla Chrome Safari" -v https://fints.comdirect.de/fints * Trying 193.41.133.14:443... * Connected to fints.comdirect.de (193.41.133.14) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/ssl/certs/ca-certificates.crt * CApath: none * TLSv1.3 (OUT), TLS handshake, Client hello (1): * TLSv1.3 (IN), TLS handshake, Server hello (2): * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8): * TLSv1.3 (IN), TLS handshake, Certificate (11): * TLSv1.3 (IN), TLS handshake, CERT verify (15): * TLSv1.3 (IN), TLS handshake, Finished (20): * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1): * TLSv1.3 (OUT), TLS handshake, Finished (20): * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 * ALPN, server did not agree to a protocol * Server certificate: * subject: businessCategory=Private Organization; serialNumber=HRB 32000; jurisdictionC=DE; jurisdictionL=Frankfurt am Main; jurisdictionST=Hessen; C=DE; ST=Hessen; L=Frankfurt am Main; street=Kaiserstrasse 16; O=COMMERZBANK AG; CN=fints.comdirect.de * start date: Nov 29 07:21:16 2021 GMT * expire date: Dec 31 07:21:16 2022 GMT * subjectAltName: host "fints.comdirect.de" matched cert's "fints.comdirect.de" * issuer: C=BE; O=GlobalSign nv-sa; CN=GlobalSign Extended Validation CA - SHA256 - G3 * SSL certificate verify ok. > GET /fints HTTP/1.1 > Host: fints.comdirect.de > User-Agent: Mozilla Chrome Safari > Accept: */* > * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4): ^C ```I have no clue what is going on. Is there a way to see more debug output?