Hi,

I have been able to get a certifcate and created a key_store file and was able to run imports into Anaplan using AC1.4. However, just wondering, is there a way to not show the key_store password in the batch file? The password is visible in plain text.

Hi @UpaliW, the keystore alias & password must be saved in the script file. This allows AC 1.4 to extract the Private Key & Public Certificate. Alias & password are standard features on JAVA keystores.

Customer must install AC 1.4 & its Integration scripts on a secure server & limit access to that server.

Hi @UpaliW, Yes, with Basic Auth, password needs to be reset every 3 months. Users can avoid this by moving to CA Certificates for Auth.

Hi,

I have about 20 connect scripts, that run daily (overnight), if i "Switch to Basic Authentication", i have to have my password visible in all these scripts, and also have to update them every time my password expires, which could cause stoppages or issues in process, and was the reason i changed to certificates in the first place.

I looked at the "Upgrade to the latest API clients" but can find nothing on the website to explain things, and as far as i can see nobody on site has administration app access.

Any advice please

Hi @DeveloperCYT, we are planning to release an updated Anaplan Connect (AC) v1.4 in the near term. This provides support for CA certificates. You can migrate your AC 1.3.x.x integration scripts to AC 1.4 at your convenience. Please watch the Anaplan product releases page.

Hi,

With the changes to the Anaplan generated certificates, a number of customers have asked;

• Could you simply define Basic Authentication and how can customers use it instead? A customer read on a post that based on this option there would be a need to put the username and password on every batch file for the Anaplan Integration account. If passwords expire every 3 months would they need to update every individual batch file every 3 months?
• Regarding the option to, "Upgrade to the latest API clients" does it have a cost implication? Also I didn't quite understood how to Procure CA Certificates in the relevant link https://help.anaplan.com/anapedia/Content/Administration_and_Security/Tenant_Administration/Security...
• Do Customers need to download the new version of Anaplan Connect which will be available late September?

Many thanks for your help

R

Hi,

to start with, could you list examples of valid Certificates? I don't mean the root authorities, but the actual certificate product? There seems to be quite big price spread, what should be considered when buying?

Hi Henri:

You can begin by contacting your IT or Security Operations organization to determine if your company already has an existing relationship with a CA or intermediary CA.

• If your organization has an existing relationship with a CA or Intermediate CA you can request a client certificate be issued for your integration user.
• If your organization does not have an existing CA relationship, then you would need to contact an Intermediary CA which has one of the supported Root CA's digitally signing the Intermediary CA's certificate.

As you noted, there are many categories of certificates that a CA offers(for example: SAN certificates, wildcard certificates, code-signing certificates, and others). You should request a client certificate only. The process for procuring the certificate may take a few weeks for some validation that the CA must perform. We recommend you allow time for the procurement process. Once the CA issues the certificate file, follow their documented steps for making this file available in your environment.