Solved: Unable to connect (error OL-297-A) to Wells Fargo the last 2+ weeks

Mathew

Problem:
I was not able to connect to Wells Fargo the last 2+ weeks with Quicken reporting OL-297A error. And I had no issues with 4 other banks. After discussing with support for some time this morning, the discussion lead to the possibility of Windows 7 which I was using and the need for TLS 1.2 support. And I was told that Windows 7 is no longer supported by Quicken and that I need to upgrade the Windows version. When asked for the link on this I was given https://www.quicken.com/support/quicken-system-requirements

Solution:
Due to various reasons I cannot upgrade my Windows 7 to Windows 8 or 10. Looking for a solution to add TLS 1.2 support on Windows 7, found that Microsoft Windows 7 supports up to TLS 1.2 and need to be enabled manually. So below are the steps I did on my Window 7 to make Quicken connect again to Wells Fargo and work as before.

Note: The below steps are to install and enable TLS 1.2 on Windows 7. For Windows 8 or Windows 10, not sure if TLS 1.2 need to be enabled manually. Please search on the internet to find details on it.

a. Backup Quicken data using the Quicken Backup option as a precaution.

b. Go to Microsoft support site:
https://support.microsoft.com/en-us/topic/update-to-enable-tls-1-1-and-tls-1-2-as-default-secure-protocols-in-winhttp-in-windows-c4bd73d2-31d7-761e-0178-11268bb10392

c. Follow the steps on the above site (more details given below)

d. Reboot your Windows 7 system

e. Quicken still had issue connecting to Wells Fargo

f. Reset Wells Fargo Account (this does not delete your existing data) and add back your account. Quicken will list your accounts found with Wells Fargo and give options to link them to your existing Quicken account/data base. Also it will download your newer transactions since the last update

g. Test the "Account Update" option to see if all works fine.

If you make mistakes in steps e-g, you can always go back by restoring the Quicken Backup you did in step a.

>> c. Follow the steps on the above site (more details given below)

Below are the summary of steps I did:

1. Confirmed if Windows 7 SP1 is installed (this is a prerequisites). If you do not have SP1, download and install SP1 as detailed in the link. SP1 has the TLS support but is not enabled by default.

2. Under the "Registry information", click on the "Easy fix" link to download the tool that will add Registry Entries to enable TLS 1.2.

If you are adventurous/curious and want to learn/can take risk, manually add the registry entries using the Regedit tool. Registry entries are detailed in the link. You would want to set DefaultSecureProtocols Value to 0xA00. You can consider to skip HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings if you do not care using TLS for Internet Explorer or use IE.

Hope the above helps. Would appreciate if someone who has Windows 8 or Windows 10, add details if anything need to be done on to make TLS and Quicken work.

Thanks

bobade

I'm having the same problems with my W7 SP1 computer and Wells Fargo Advisors. Your solution seems clear, but it did not work for me. I ran Easy Fix easily, but after reboot, still got an OL-97-A error when trying to connect Wells Fargo Advisors (I had disconnected it in a previous effort after refresh failed.) You mention the DefaultSecureProtocols value, which looks to be 0x00000a00. When I try to modify it, I can see that the value data is a00; the field will not allow 0xA00. Any more thoughts? Thanks in advance. 

Bob

Mathew

Hello Bob,

You have the right value for DefaultSecureProtocols. 0x00000a00 is same as 0xa00 (basically I did not mention the leading zeroes as they are not significant for e.g. 123 in decimal is same as 0123 or 000123).

Few things to check are and things you can compare with what I have:

a. Please make sure you had rebooted the system for the new changes done by Easy Fix are taken into effect.

b. Please make sure you have the latest update for Quicken. I missed mentioning it above. I have Version R45.7 Build: 27.1.45.7 (Seen under Help->About Quicken)

c. Previously I had "Direct Connect" for all my Wells Fargo (you can check it under the Tools->Account List for all your accounts what they are). When I reset the Wells Fargo account in step f, I just now noticed that it has configured to as "Improve connection". When you click the Edit button to the left, it bring up the "Account Details" , go to "Online Services" and it shows the Connection Method as Expresss Web Connect (this is the default and thus this was picked up for me when I did the reset)

bobade

Hi, Matthew, 
Thanks for trying to help. Quicken tells me that I already have the latest version of Quicken (Release R44.28) - which is surprising since you seem to have a more recent version. I have no updates available. In trying to set up an Express Connect with Wells Fargo Advisors, Quicken no longer gives me an 0L-97-A error. Now it says: Sorry. We encountered an error. (It's not your fault.) Quicken is having trouble connecting to Wells Fargo Advisors." Hopefully this will eventually be fixed, but I'm skeptical.

I really wish there was a comparable, competitive product as an alternative to Quicken, which I've used for more than 20 years (except during the time that Microsoft Money was working), because problems like this are common and are always very time consuming.

Mathew

Hello Bob,

Not sure why R45.7 was not picked up. You might want to talk to Quicken support and hope it will help you. Below is the release list:
https://www.quicken.com/support/quicken-windows-release-notes

I too am an long time Quicken user and prior to that with MS Money till MS discontinued it. And I also wish there was a comparable product to switch to. There is this Mint but I am not comfortable with it as it is web based.

Chris_QPW

R45.7 is in stagged release mode, with automatic updates off because the limit for users has been met.

If you want to install R45.7 you can do so by downloading the manual install from here:
https://www.quicken.com/support/update-and-patch-20182019-release-quicken-windows-subscription-product

wrau0000

It's not clear at Microsoft link, but it looks like this is KB3140245. Only see this when you go to Microsoft Update Catalog to download.
https://catalog.update.microsoft.com/search.aspx?q=kb3140245

And my machine is WIN7 64-bit so I selected:
Update for Windows 7 for x64-based Systems (KB3140245)

wrau0000

I followed the Microsoft procedure above, BUT I also had to change my connection method.
In Quicken I selected my Wells Fargo checking account (I have 6 total).
Then I seleected Account Settings ("gear" symbol) and then "Edit Account Details"
Selected the "Online Services" tab.
Then "Reset Account"
BUT THIS FAILED.
Afterwords there was a blue colored link for "Change My Connection" that I clicked.
I selected "Express Web Connect" (I believe it had been "Direct Connect")
I had to enter Wells Fargo credentials.
I had change one "Link to Existing Accounts" for a Credit Card.
I was then able to update successfully.

That being said, my guess "Direct Connect" is the more secure connection where you're connecting directly to Wells Fargo on a secure "link", BUT it requires TLS 1.2 (this is root of problem getting TLS 1.2 enabled on Win7.
For now, Express Web Connect is allowing me to update accounts.

ereynold60

@wrau0000 - I'm also on Win7 and cannot use Direct Connect with Wells Fargo. I changed to Express Web Connect and re-linked accounts. Currently working (fingers crossed). I only download transactions and account balances; I don't use Bill Pay, so I don't know if that would work for others.

I'd rather use Direct Connect, but it has the OL-297 error owing to TLS1.2 on Win7.

wrau0000

@reynold60 - glad to hear its working for you, BUT not clear, did you also have to perform Windows TLS 1.2 fix discussed above OR was it simply switching from "Direct Connect" to "Express Web Connect"??

The reason I ask is because if you go here and read about various connection methods:
https://community.quicken.com/discussion/7851859/faq-how-quicken-connects-with-your-financial-institution-tips-tricks-and-best-practices

It sounds like "Direct Connect" is a direct full-featured secure connection (probably using TLS 1.2) with Wells Fargo servers to access transactions, BUT also allows you to perform BillPay. So I suspect you are correct that BillPay is only possible with "Direct Connection".

On the other hand, "Express Web Connect" sounds like each night the Quicken server logs into your Wells Fargo account (just like one does with their Web Browser) and then it "scrapes" the screen views to generate the list of transactions. The Quicken server then stores those transactions until the next time one performs an update.

And like you, I only download transactions and balances. So if one is using Bill Pay, they won't be able to after switching from "Direct Connection" to "Express Web Connection".

ereynold60

@wrau0000 - I did do the TLS1.2 fix on Wn7, but it had no effect on Direct Connect. I'd had been manually downloading a QFX file from WF to import transactions. Just recently changed from Direct Connect to Express Web Connect; I'd rather use Direct Connect, but it doesn't seem to be getting fixed anytime soon.

wrau0000

Just wondering if you even have to do the Microsoft Win7 TLS1.2 Fix or whether its good enough to just switch from Direct Connection to Express Web Connect (although you lose BillPay) since EWC probably doesn't use TLS 1.2. In that case we haven't solved anything with the Win7 TLS 1.2 Fix.
So I'm looking to hear from someone who has performed the Win7 TLS 1.2 Fix -AND- is using Direct Connection.

ereynold60

@wrau0000 - In my experience the TLS1.2 "fix" had no effect on Direct Connect; it still did not work and produced the OL-297 error. There is another thread on here that talks about the failure being related to an error in negotiation of cipher suites under TLS1.2 and that may be where the connection failure is occurring; i.e. Quicken and WF are not agreeing on the cipher suites to be used during the TLS1.2 handshake.

I don't think you need the TLS1.2 fix to use Express Web Connect with WF. FWIW, I can still use my Edge browser to access WF website and download QFX file and import transactions. While EWC is probably different in some respects, it perhaps works in somewhat the same way.

All that said, I would prefer Direct Connect, as it appears more secure way to access WF.

Explanation of Quicken connectivity options: https://www.intuit.com/partners/fdp/implementation-support/ofx/why-connect/connectivity-types/

ereynold60

QUESTION: Has anyone tried removing online services for WF accounts and then re-adding as Direct Connect with the TLS1.2 fix ???

I changed my WF accounts to use Express Web Connect and it is working for transaction download and account balances, but I would prefer Direct Connect.

As a test, I tried "Adding a New Account" in Quicken, selected Wells Fargo and Direct Connect, provided my ID/password... and Quicken showed me my 2 accounts that are already linked. There was not option to re-link my 2 accounts as they are already setup. I'm not sure if it used Direct Connect to get my account listing.

I might try removing online services and then using "Add a new account" to see if I can re-connect using Direct Connect... that is after doing a backup first.

wrau0000

@ereynold60 I too have wondered about switching back to Direct Connect after Win7 Fix, I just am not that adventurous. Not to be negative, but I suspect the "discovery" of accounts was not using Direct Connect as that involves setup, protocol negotiation and other stuff.... It might, I'm no expert. If you do proceed I wish you the best of luck and you have my thanks for experimenting.

ereynold60

> @ereynold60 said:
> QUESTION: Has anyone tried removing online services for WF accounts and then re-adding as Direct Connect with the TLS1.2 fix ???
>
> I might try removing online services and then using "Add a new account" to see if I can re-connect using Direct Connect... that is after doing a backup first.

I can confirm this does not work. Selecting Direct Connect won't even show me my accounts... just an OL-297 error. Direct Connect is broken for Wells Fargo on Win7 even with the TLS1.2 fix.

cjim

@ereynold60 I tried a number of things (including your suggestions) to get it to connect under Windows 7. Only thing that worked was to upgrade to Windows 10.

wrau0000

Update: After applying Win7 TLS1.2 path (above) and switching from "Direct Connect" to "Express Web Connect" I have been able to download on my Win7 SP1 machine for the last two weeks... HOWEVER, each time I download, Wells Fargo announces that my credentials may have been compromised (pretty sure they haven't) and that I must change. This then requires changing WF credentials in Quicken and re-linking the five accounts... Happened twice in two weeks and never in prior decade. Seems like Express Web Connect is "tickling" the WF Compromised Login "algorithm". If it happens a third time, I will have to surrender and find a Win10 machine to run Quicken. BTW, to add insult to injury, Chrome banner just popped up this AM that Win7 machines will no longer receive updates for Chrome. Happy Holidays.