Anaplan Connect - Could not load the privateKey for authentication.


Hi all,


I'm trying to connect to Anaplan through Anaplan Connect tool using a Sectigo Certificate.


I'm able to connect using an hard coded credentials (user:pass) but when trying to connect via Certificate I'm facing the error below.


Note: I have received an "user.crt" file from Sectigo on which I ran the following openssl code to get the private key:


openssl x509 -inform der -in user.crt -out certificate.pem


@Echo on
rem This example loads a source text file and runs an Anaplan import into a module.
rem For details of how to configure this script see doc\Anaplan Connect User Guide.doc

set certificate="C:\Anaplan\anaplan-connect\certificates\certificate.pem"
set WorkspaceId="8a81b09459"
set ModelId="61XYZA7"
set Operation=-file "Employee.txt" -put "C:\Users\User\Downloads\Employee.txt"
-import "New Hire from Employee.txt" -execute -output "C:\My Errors.txt"


rem *** End of settings - Do not edit below this line ***

setlocal enableextensions enabledelayedexpansion || exit /b 1
cd %~dp0
set Credentials=-certificate %certificate%
set Command=.\AnaplanClient.bat %Credentials% -workspace %WorkspaceId% -model %ModelId% %Operation%
@Echo %Command%
cmd /c %Command%


Thanks in advance




  • anirudh
    Hi Ruben,

    Not able to see what error you are getting... I can only see the AC script in your post
    Also, please check the interactive guide here

  • Hi Anirudh,


    Thanks for your quick reply,


    The error that I'm getting is detailed below:


    Running Anaplan Connect...
    Using Class-Path: C:\Anaplan\anaplan-connect\anaplan-connect-1.4.4-jar-with-dependencies.jar
    2020-06-23 18:55:54 ERROR 14272 |-- Anaplan API: Could not initialise service credentials (Runtime: Could not load the privateKey for authentication. Please check the privateKey parameters in your input.)


    I will have a look into the interactive guide that you shared.


    Best Regards,



  • You need to add all the parameters




  • I believe that will be a further step (authentication through Java Key Store).


    Firstly, I was trying to connect using my Sectigo certificate without the aforementioned option, simply using the certificate location.


    Please see below a succesful example implemented by Elisa.



    Thanks in advance,



  • The Anaplan Connect version in that post is 1.3


    which version are you using? 


    this is the guide for 1.4.4:

  • I'm using Anaplan Connect 1.4 (latest version available) and followed the instructions below to get the CA certificate from Sectigo

    Step #1 - Procure your CA Certificate from Sectigo

    Navigate to Sectigo and purchase a Personal Authentication Certificate. The following link has been preconfigured to support Anaplan's certificate requirements:

    Under User Details, complete the fields to specify Email Address, Forename, Surname.
    Under Advanced Security Options, accept the pre-populated default values.
    Under Login Credentials, set a Username, and Password.
    Confirm the password.
    Click Place Order.


    Now I have access to an user.crt certificate sent it by Sectigo but no password file available.

    Could you give me some guidance how do I get the respective password file related to the issued certificate?



  • Hi 


    It seems like the issue is because you are not referencing the private key at all in the script. In the successful scripts that I have run on 1.4.4, you have to 'set' the public certificate (what you already have) and set the private key. See the example below.


    set CERTPATH="D:\prod_anaplan\prod_anaplan_connect\CAcertificate.pem"
    set PRIVATEKEY="D:\prod_anaplan\prod_anaplan_connect\private.key:"

     Hope this is helpful.




  • Hi 


    did you manage to make your batch work? I am in the exact same situation as you were, by the looks of it. 


    I got the user.crt from Sectigo, I have extracted the public key following the "Interactive CA Certificate Guide", I have set both paths in my script:


    Public Key is the PEM file i have generated using OpenSSL as per indicated in the CA guide

    Privayekey is the CRT fie i got from Sectigo...


    But it does not seem to work. I get the following error:

    (Illegal argument: Either private key path <C:\OpenSSL-Win64\bin\user.crt> or passphrase is null. Please check the value(s).)