Configuring Neo4j to operate on privileged ports

In some environments, users are required to run Neo4j on ports lower than 1024 due to corporate policies. The following is a sample configuration showing how to configure Neo4j 3.5 and newer to listen on those ports.

Refer to a path/to/file.

  1. Configure neo4j.conf to set the http, https and bolt ports.

    On a debian installation it would look like this:

    In the /etc/neo4j/ file, configure this as follows:

    # HTTPS
    echo "dbms_connector_https_enabled" "${dbms_connector_https_enabled:=true}"
    echo "dbms_connector_https_listen_address" "${dbms_connector_https_listen_address:=}"
    # HTTP
    echo "dbms_connector_http_enabled" "${dbms_connector_http_enabled:=false}"
    echo "dbms_connector_http_listen_address" "${dbms_connector_http_listen_address:=}"
    # BOLT
    echo "dbms_connector_bolt_enabled" "${dbms_connector_bolt_enabled:=true}"
    echo "dbms_connector_bolt_listen_address" "${dbms_connector_bolt_listen_address:=}"
    echo "dbms_connector_bolt_tls_level" "${dbms_connector_bolt_tls_level:=REQUIRED}"

    On a tar installation it would look like this:

    # Bolt connector
    # HTTP Connector. There can be zero or one HTTP connectors.
    # HTTPS Connector. There can be zero or one HTTPS connectors.
  2. Identify the location of the java installation.
    readlink -f $(which java)
  3. Bind the java executable to the privileged ports (use the path found in step 2).
    sudo setcap cap_net_bind_service=+eip /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java
  4. Neo4j should start and allow access via https on port 80. ”’
    • Last Modified: 2020-10-22 22:13:22 UTC by David Fauth.
    • Relevant for Neo4j Versions: 3.5.
    • Relevant keywords server, ports.