Resolve TLS certificate errors

TLS encryption is required everywhere. This is a compilation of few errors you can expect while configuring your server. openssl command is required to diagnose or manipulate the certificates. Check the permission on the folder neo4j might run as a… Read more →

Explore:  


A demonstration of IntraCluster SSL Encryption

This document provides a step-by-step demonstration of the process to deploy a Self-Signed SSL Certificate, to member instances of a Causal Cluster, aimed at achieving intra-cluster encryption. The steps can be outlined as: Generate and install cryptographic objects Create an SSL… Read more →

Explore:  


How Neo4j Browser uses bolt+routing

There are two kinds of Bolt drivers specified by URI scheme: the bolt:// scheme is used to create a direct driver and the bolt+routing:// scheme is used to create a routing driver. Neo4j Browser will always: Use a direct driver… Read more →

Explore:  


TLS/SSL Configuration for Specific Ciphers

Per documentation: dbms.ssl.policy.<policyname>.ciphers is by default set to the Java platform default allowed cipher suites, which can also be explicitly set to any specific ciphers (separated by “,”) to further restrict list of allowed ciphers, thus enabling us to enforce… Read more →

Explore:  


How to set up SSL communcation when running Neo4j within a Docker Container

Neo4j 3.2 added a Unified SSL Framework to setup secure connections for Bolt, HTTPS and Intra-Cluster Encryption. Details on this framework can be found at: https://neo4j.com/docs/operations-manual/current/security/ssl-framework/ Setting up secure Bolt and HTTPS communications when running Neo4j within a Docker Container… Read more →

Explore:  


Enabling TLSv1.2 with IBM JDK9

Neo4j 3.4.0 only supports TLSv1.2 by default. IBM JDK9 uses the TLSv1 protocol by default. When attempting to run cypher-shell, users will be unable to connect to Neo4j. To enable TLSv1.2 in the IBM JDK, set the following JAVA OPT:… Read more →

Explore:  


Explanation of error on session connection using uniform drivers

As described by http://neo4j.com/docs/developer-manual/current/drivers/#_trust, when establishing an encrypted connection, it needs to be verified that the remote peer is who we expected to connect to. The default connection is to ‘Trust on first use’ and to do so indicates that… Read more →

Explore: