Based on customer feedback and to allow admins additional time to transition to new integration clients, Anaplan will be issuing a new Anaplan certificate on December 8, 2018. The current Anaplan certificate will stop working on December 8. You will need to take action based on your integration client and authentication.
Hi @winstonquan, if you are looking to create custom integration by directly invoking REST APIs, please wait for Anaplan to release the v2.0 API & user guide. If you are interested in Anaplan Connect v.14, you can use it without needing to refer to the API guide. Thanks.
I have been able to get a certifcate and created a key_store file and was able to run imports into Anaplan using AC1.4. However, just wondering, is there a way to not show the key_store password in the batch file? The password is visible in plain text.
Hi @UpaliKW, the keystore alias & password must be saved in the script file. This allows AC 1.4 to extract the Private Key & Public Certificate. Alias & password are standard features on JAVA keystores.
Customer must install AC 1.4 & its Integration scripts on a secure server & limit access to that server.
I have about 20 connect scripts, that run daily (overnight), if i "Switch to Basic Authentication", i have to have my password visible in all these scripts, and also have to update them every time my password expires, which could cause stoppages or issues in process, and was the reason i changed to certificates in the first place.
I looked at the "Upgrade to the latest API clients" but can find nothing on the website to explain things, and as far as i can see nobody on site has administration app access.
Hi @DeveloperCYT, we are planning to release an updated Anaplan Connect (AC) v1.4 in the near term. This provides support for CA certificates. You can migrate your AC 1.3.x.x integration scripts to AC 1.4 at your convenience. Please watch the Anaplan product releases page.
With the changes to the Anaplan generated certificates, a number of customers have asked;
Could you simply define Basic Authentication and how can customers use it instead? A customer read on a post that based on this option there would be a need to put the username and password on every batch file for the Anaplan Integration account. If passwords expire every 3 months would they need to update every individual batch file every 3 months?
to start with, could you list examples of valid Certificates? I don't mean the root authorities, but the actual certificate product? There seems to be quite big price spread, what should be considered when buying?
You can begin by contacting your IT or Security Operations organization to determine if your company already has an existing relationship with a CA or intermediary CA.
If your organization has an existing relationship with a CA or Intermediate CA you can request a client certificate be issued for your integration user.
If your organization does not have an existing CA relationship, then you would need to contact an Intermediary CA which has one of the supported Root CA's digitally signing the Intermediary CA's certificate.
As you noted, there are many categories of certificates that a CA offers(for example: SAN certificates, wildcard certificates, code-signing certificates, and others). You should request a client certificate only. The process for procuring the certificate may take a few weeks for some validation that the CA must perform. We recommend you allow time for the procurement process. Once the CA issues the certificate file, follow their documented steps for making this file available in your environment.