FIX Onboarding Checklist – What Every Engineer Should Verify
Onboarding a new FIX connection requires careful attention to configuration, security, and testing. This checklist helps engineers verify all critical components before going live. Missing any of these steps can lead to connection failures, rejections, or security issues.
1. CompID Configuration
- ✓ Verify SenderCompID and TargetCompID match the counterparty's requirements
- ✓ Confirm SenderSubID and TargetSubID if required (some venues require these)
- ✓ Document CompID mappings for all environments (DEV, UAT, PROD)
- ✓ Ensure CompIDs are unique and not conflicting with other connections
- ✓ Test CompID validation with counterparty before certification
2. SSL/TLS Certificates
- ✓ Obtain valid SSL certificate from counterparty or certificate authority
- ✓ Install certificate in correct keystore/truststore location
- ✓ Verify certificate expiration date and set up renewal reminders
- ✓ Test SSL handshake with counterparty's test environment
- ✓ Confirm cipher suite compatibility (TLS 1.2+ typically required)
- ✓ Validate certificate chain (root CA, intermediate, end entity)
3. Network Connectivity
- ✓ Confirm IP whitelisting on both sides (your IPs and counterparty IPs)
- ✓ Test network connectivity using telnet or nc to FIX port
- ✓ Verify firewall rules allow outbound connections to counterparty
- ✓ Check for network address translation (NAT) issues
- ✓ Validate DNS resolution if using hostnames
- ✓ Test failover to backup IPs if provided
4. FIX Protocol Configuration
- ✓ Set correct BeginString (FIX.4.2, FIX.4.4, etc.) per counterparty spec
- ✓ Configure heartbeat interval (typically 30-60 seconds)
- ✓ Set test request interval (usually 2-5 minutes)
- ✓ Configure session start/end times if required
- ✓ Enable sequence number reset if needed (tag 141)
- ✓ Verify message validation rules match counterparty expectations
5. Test Cases and Certification
- ✓ Complete all required certification test cases
- ✓ Test NewOrderSingle (35=D) with various order types
- ✓ Test OrderCancelRequest (35=F) and OrderCancelReplaceRequest (35=G)
- ✓ Verify execution reports (35=8) are received correctly
- ✓ Test reject handling (35=3) and error recovery
- ✓ Validate sequence number gap handling
- ✓ Test session recovery after disconnection
- ✓ Verify business-level rejects are handled appropriately
6. Message Validation
- ✓ Validate all mandatory tags are present per FIX specification
- ✓ Verify tag values are within valid ranges (e.g., Side=1 or 2)
- ✓ Check timestamp formats match counterparty requirements
- ✓ Validate ClOrdID uniqueness within session
- ✓ Test message length limits (BodyLength tag 9)
- ✓ Verify checksum calculation (tag 10)
7. Common Onboarding Issues
Frequent Problems:
- CompID Mismatch: SenderCompID/TargetCompID don't match counterparty's expectations
- SSL Handshake Failure: Certificate not installed correctly or expired
- Sequence Number Issues: Starting sequence numbers not synchronized
- Missing Mandatory Tags: Required fields not included in messages
- Invalid Timestamps: SendingTime (52) format incorrect or timezone issues
- Network Timeouts: Heartbeat interval too long or network issues
- IP Whitelist: Your IPs not added to counterparty's firewall rules
8. Pre-Production Checklist
- ✓ Complete all certification test cases successfully
- ✓ Obtain written approval from counterparty to go live
- ✓ Document connection parameters and CompIDs
- ✓ Set up monitoring and alerting for session status
- ✓ Configure log rotation and retention policies
- ✓ Test failover and disaster recovery procedures
- ✓ Schedule go-live date and time with counterparty
- ✓ Have rollback plan ready in case of issues
Related Resources
Additional resources for FIX onboarding and troubleshooting:
- FIX Protocol Overview – Understanding FIX architecture
- FIX Troubleshooting Guide – Diagnose connection issues
- Common FIX Reject Codes – Understanding reject messages
- Upload a FIX Log – Analyze your FIX session logs