Problems With Hetiage Bank, Olympia, WA
This has been working fine since at least 2022. For the last couple days, there are errors:
20260406-09:02:32.551 <<<<<<<<
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)
at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)
at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Unknown Source)
at java.base/sun.security.ssl.TransportContext.dispatch(Unknown Source)
at java.base/sun.security.ssl.SSLTransport.decode(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.decode(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.ensureNegotiated(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl$AppOutputStream.write(Unknown Source)
at java.base/java.io.OutputStream.write(Unknown Source)
at com.moneydance.apps.md.controller.olb.CustomURLStreamHandlerFactory$HttpsURLConnectionImpl.connect(CustomURLStreamHandlerFactory.java:768)
at com.moneydance.apps.md.controller.olb.ofx.OFXConnection.sendMessage(OFXConnection.java:2699)
at com.moneydance.apps.md.controller.olb.ofx.OFXConnection.sendMessage(OFXConnection.java:2560)
at com.moneydance.apps.md.controller.olb.ofx.OFXConnection.updateFIProfile(OFXConnection.java:620)
at com.moneydance.apps.md.controller.olb.ofx.OFXConnection.initSecureServices(OFXConnection.java:909)
at com.moneydance.apps.md.controller.olb.ofx.OFXConnection.getTransactions(OFXConnection.java:922)
at com.moneydance.apps.md.view.gui.OnlineManager.downloadTransactions(OnlineManager.java:651)
at com.moneydance.apps.md.view.gui.OnlineManager.downloadTransactions(OnlineManager.java:632)
at com.moneydance.apps.md.view.gui.AccountDetailPanel.lambda$actionForService$10(AccountDetailPanel.java:460)
at com.moneydance.apps.md.controller.BackgroundOpsThread.run(BackgroundOpsThread.java:177)
20260406-09:02:32.578 Setting size of window dialog4 to location (710, 290) and size (500 x 500) on display \Display0 with bounds java.awt.Rectangle[x=0,y=0,width=1920,height=1080]
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
| ? | Show this help |
|---|---|
| ESC | Blurs the current field |
Comment Form
| r | Focus the comment reply box |
|---|---|
| ^ + ↩ | Submit the comment |
You can use Command ⌘ instead of Control ^ on Mac
Support Staff 1 Posted by Maddy on 06 Apr, 2026 04:28 PM
Hi David,
We are sorry to hear about the problem you have encountered.
Firstly you could try removing the existing OFX connection.
To achieve this, open Moneydance and select the relevant account/s in the sidebar.
Then go to Online → Set Up Online Banking and click Disable to remove the OFX setup.
After that, restart Moneydance and try recreating the connection as outlined here.
If the problem persists, after removing the OFX connection you may want to consider switching to Moneydance +.
To achieve this, navigate to the bank's website to enable your accounts for third party access.
Then assign your accounts as described in this article.
I hope this information is helpful. Please let us know if you have further questions or need more assistance.
--
Maddy, Infinite Kind Support
2 Posted by whitedavidp on 06 Apr, 2026 04:42 PM
As usual, thanks!
I disabled online for one of my accounts there, restarted MD, and tried to re-setup again. Got the attached. Interestingly, this did NOT stop the setup process (although there was a delay). I got prompted to choose an account, which I did. I was never asked for credentials for log in. When that was done, I then tried to download for that account. Again, no credentials prompt. This ended without a visible error. But I am quite sure things are rotten here...
Support Staff 3 Posted by Maddy on 07 Apr, 2026 12:23 PM
Unfortunately, there are signs that Heritage Bank may be discontinuing Direct Connect. You may want to consider subscribing to Moneydance +.
Please keep us posted on your progress, Thank you!
--
Maddy, Infinite Kind Support
4 Posted by whitedavidp on 07 Apr, 2026 02:49 PM
Well, this is indeed bad news in a ever-lengthening series of bad news.
I cannot confirm one way or the other if this is the case. But if so, it is just one more case of another bank that does not give a enough thought to how their customers are impacted by their unilateral decisions. And, like all the others, the give absolutely no notice of the intent so we are make other plans.
I can say that at least their online website still offers Quicken (QFX) downloads. They also offer an OFX download which I have not tried. It is not clear how these might differ.
I will have to consider Moneydance + and I have read your postings about it. But I continue to have bad feelings about using a 3rd party for anything related to my finances. There are just way too many security breaches (in fact, Heritage Bank itself just reported one) and far too little penalty for allowing them to occur for me to have confidence in a 3rd party. I am not talking about IK here. I am talking about the aggregator.
I know this is outside of the control of MD/IK. But it does create serious problems for those who use your fine tools.
Support Staff 5 Posted by Maddy on 07 Apr, 2026 02:57 PM
We fully understand your perspective, David, and as you noted, banking decisions are ultimately beyond our control.
However, the positive side is that your bank continues to support manual downloads in the OFX and QFX file format.
OFX and QFX files contain unique transaction identifiers. So, if you were to accidentally download the same transaction to Moneydance more than once, the ID would be recognised. Moneydance would then ignore the duplicate transactions and not download them again.
--
Maddy, Infinite Kind Support
6 Posted by whitedavidp on 07 Apr, 2026 03:08 PM
Thanks. When I tried their website download initially, I got a bunch of duplicate transactions - perhaps the last 30 days - I am not sure since it does not really say.
I merged them in MD and tried to download again. I did NOT get duplicates at that point. So I am hoping this is a one time pain in the rear end!
7 Posted by whitedavidp on 07 Apr, 2026 03:14 PM
Can you please point me at the correct "Plaid’s privacy policy" that you find to be "refreshingly accessible and not too overloaded with legalese" as described here:
https://infinitekind.com/blog/moneydance-plus-privacy-subscriptions
Support Staff 8 Posted by Maddy on 07 Apr, 2026 03:35 PM
To summarize the process:
Plaid usually redirects you to your bank’s own website or app so you can sign in directly with them. This means that neither Plaid nor Moneydance ever sees your username or password. Once you finish the login on the bank’s site, the bank sends Plaid a secure token that allows access to your account for a limited time.
As soon as the Moneydance+ server receives that token, it immediately encrypts it using the public key from your Moneydance data file. Only your data file can decrypt it — not even our server can read it.
We explored every possible way to avoid using a Moneydance+ server altogether and let Moneydance communicate directly with your bank or with Plaid. Unfortunately, that isn’t technically possible. Because of that, we designed the MD+ server to be as minimal and secure as possible, handling only the essential steps and seeing the least amount of information.
So when Moneydance downloads your transactions, the request goes through the MD+ server, which verifies your data file’s public key and securely passes the request to Plaid. Plaid then returns your transaction data.
Nothing is logged during this process.
I hope this information is helpful. Please let us know if you have further questions or need more assistance.
--
Maddy, Infinite Kind Support
9 Posted by whitedavidp on 07 Apr, 2026 03:40 PM
Thanks. I guess I have to further investigate Plaid. Their website? Thanks
10 Posted by whitedavidp on 07 Apr, 2026 03:41 PM
Also, how to KNOW which financial institutions work with Plaid? I have to assume that not all do so. Thanks
Support Staff 11 Posted by Maddy on 07 Apr, 2026 03:49 PM
Although the development team is considering implementing a way of seeing all the banks supported by Moneydance+ via Plaid without signing up to the free 14-day trial on Plaid's website, for the time being this is the only option.
Using the 14-day trial you can create a free account at: https://my.plaid.com by clicking GET STARTED at that link.
Once signed into your Plaid account you can then click the link to Add an Account.
You get the same screen as if you were in Moneydance+ and you can check the list to see if your Banks are supported.
Lastly the direct link to Plaid’s End User Privacy Policy is:
https://plaid.com/legal/#end-user-privacy-policy
Please keep us posted on your progress, Thank you!
--
Maddy, Infinite Kind Support
12 Posted by whitedavidp on 07 Apr, 2026 04:12 PM
Thanks again. Sorry for all the questions...
But I am still not at all clear how MD+/Plaid work. I am most certainly not clear about how/where my login credentials are stored and used.
Something like a system sequence diagram <https://www.visual-paradigm.com/guide/uml-unified-modeling-language/what-is-sequence-diagram/> would be really helpful.
13 Posted by whitedavidp on 07 Apr, 2026 04:18 PM
Who collects the funds for the MD+? how are they to be paid? What are the payment options?
When I sign up for MD+, am I paying IK? Am I paying Plaid? Am I paying BOTH?
There are just so many seemingly unanswered questions about all of this.
Sorry for all the questions. I have looked in the MD+ KB but I am still not finding actual answers...
Support Staff 14 Posted by Maddy on 07 Apr, 2026 08:50 PM
In brief: IK pays Plaid specifically to allow customers to connect their bank accounts and share the necessary financial data. Plaid isn’t a payment recipient — it’s a data‑connectivity service. So the customer pays IK via Paddle (our payment processing partners).
If you have purchased a license key for Moneydance 2022/23/24 (and you have registered the program), you can subscribe to Moneydance+ for $4/monthly or $40/yearly as outlined in this article from the Knowledge Base.
--
Maddy, Infinite Kind Support
15 Posted by whitedavidp on 07 Apr, 2026 09:23 PM
Thanks. This is starting to help me fill in my information gaps. Now that I know Paddle is used, I can also know that I can use PayPal as a payment mechanism. That is good and important to me because I simply try to minimize the number of places where my credit card info is stored (and hence potentially hackable) on the web.
So now I really need to understand the data flows between MD+, Plaid, and the institutions. I have read all the KB and Blog info about MD+. I think that IK has done a good enough job of explaining what they keep on their servers, why, and why it cannot be otherwise. But I don't know anything about Plaid except that they are now inserted into what was previously a simple and well-understood process.
It seems as-if my financial data (transactions, etc) has to flow through Plaid somehow. Is this true? And, if true, how do I know that this data is not being stored, mined, or sold to anyone else? How do I know how the data is protected? We are not talking about shopping lists at Amazon here. We are talking about some of people's most sensitive information and for multiple institutions through a single point (Plaid, I guess) which becomes a potential single point of failure (especially security/privacy-wise).
It simply is not enough to do a trial. That is great. But a trial does NOT explain this sort of thing in any detail. It will only tell you if it WORKS or not.
I do not think it is unreasonable for people to want to know and really understand this. I have posted another, very specific, question in hopes that some user(s) of MD+ have managed to figure this out and can help explain to the rest of us. Really, that should be IK's job. But it is not well enough documented for anyone to make an informed and considered choice about their most sensitive information.
Thanks again.
16 Posted by whitedavidp on 08 Apr, 2026 03:05 PM
BTW - I had emailed a complaint to Heritage Bank and I actually got a semi-informed phone call back!
The person had checked with their IT department and said "The feature is NOT being terminated - and we would never do that without warning. The vendor which provides this feature has updated/improved it."
It may well be that a 3rd party handles OFX for this bank as it has always needed a secondary/different set of login credentials for OFX access than for normal, web access. I have no idea who that might be though.
I was asked for an error code to report back. I checked the console window and saw only the info shown above. I saw no error code per se, just that the SSL connection failed handshake. I told them this but it was clear that they were not expecting anything other than some error code.
Is there a way to know (a) who is responsible for providing the OFX server and (b) any more details about the SSL handshake error?
Thanks
17 Posted by whitedavidp on 09 Apr, 2026 03:33 PM
This morning, the same errors continue :-(
Support Staff 18 Posted by Jenny on 10 Apr, 2026 05:12 PM
Hi,
We've been receiving lots of reports from customers who are seeing this same error when trying to connect with multiple different banks. The reported banks all use the same server information for OFX Direct Connect, so we believed this was most likely a temporary outage or the server was down for maintenance.
As of today, I can see that there has been a slight change to the connection information for all banks that use this same OFX server. I am in the process of updating the connection details in Moneydance. The changes will be reviewed by our lead developer and then made available in the program - this shouldn't take more than a day (a few days at most, with it being the weekend tomorrow).
I will let you know when the new connection details are available in Moneydance. You can then test them, and hopefully you'll be able to connect again.
--
Jenny, Infinite Kind Support
19 Posted by whitedavidp on 10 Apr, 2026 05:24 PM
Hi Jenny. I wondered about there being something in common with other banks that I have seen reported in this forum. And something server-side seems most likely given what the people at my bank told me - their "vendor" was making"improvements". Thanks for your persistence and help in dealing with this.
Support Staff 20 Posted by Jenny on 12 Apr, 2026 09:53 AM
Hi,
I have made the necessary changes to the 'Heritage Bank - Olympia, WA' connection, and the new connection details are now available in Moneydance. If you recreate the connection, you should now be able to connect.
If the problems persist, let me know, and we'll troubleshoot further.
--
Jenny, Infinite Kind Support
21 Posted by whitedavidp on 12 Apr, 2026 03:02 PM
Thanks Jenny! I am seriously pleased to report that this is now working once again. Best
Maddy closed this discussion on 16 Apr, 2026 12:24 PM.