Configure connectors

How to configure connectors (Bolt, HTTP, and HTTPS) for Neo4j.

1. Available connectors

The table below lists the available Neo4j connectors:

Table 1. Neo4j connectors and port number
Connector name Protocol Default port number

dbms.connector.bolt

Bolt

7687

dbms.connector.http

HTTP

7474

dbms.connector.https

HTTPS

7473

When configuring the HTTPS or Bolt connector, see also SSL framework for details on how to work with SSL certificates.

2. Configuration options

The connectors are configured by settings on the format dbms.connector.<connector-name>.<setting-suffix>>. The available suffixes are described in the table below:

Table 2. Configuration option suffixes for connectors
Option name Default Setting(s) Description

enabled

true [1]

dbms.connector.bolt.enabled, dbms.connector.http.enabled, dbms.connector.https.enabled [2]

This setting allows the client connector to be enabled or disabled. When disabled, Neo4j does not listen for incoming connections on the relevant port.

[1] When Neo4j is used in embedded mode, the default value is false.

[2] The default value for dbms.connector.https.enabled is false.

listen_address

127.0.0.1:<connector-default-port>

dbms.connector.bolt.listen_address, dbms.connector.https.listen_address, dbms.connector.http.listen_address

This setting specifies how Neo4j listens for incoming connections. It consists of two parts; an IP address (e.g. 127.0.0.1 or 0.0.0.0) and a port number (e.g. 7687), and is expressed in the format <ip-address>:<port-number>. See below for an example of usage.

advertised_address

localhost:<connector-default-port>

dbms.connector.bolt.advertised_address, dbms.connector.https.advertised_address, dbms.connector.http.advertised_address

This setting specifies the address that clients should use for this connector. This is useful in a Causal Cluster as it allows each server to correctly advertise addresses of the other servers in the cluster. The advertised address consists of two parts; an address (fully qualified domain name, hostname, or IP address) and a port number (e.g. 7687), and is expressed in the format <address>:<port-number>. See below for an example of usage.

tls_level

DISABLED

dbms.connector.bolt.tls_level

This setting is only applicable to the Bolt connector. It allows the connector to accept encrypted and/or unencrypted connections. The default value is DISABLED, where only unencrypted client connections are to be accepted by this connector, and all encrypted connections will be rejected.

Other values are REQUIRED and OPTIONAL. Use REQUIRED when only encrypted client connections are to be accepted by this connector, and all unencrypted connections will be rejected. Use OPTIONAL where either encrypted or unencrypted client connections are accepted by this connector.

Example 1. Specify listen_address for the Bolt connector

To listen for Bolt connections on all network interfaces (0.0.0.0) and on port 7000, set the listen_address for the Bolt connector:

dbms.connector.bolt.listen_address=0.0.0.0:7000
Example 2. Specify advertised_address for the Bolt connector

If routing traffic via a proxy, or if port mappings are in use, it is possible to specify advertised_address for each connector individually. For example, if port 7687 on the Neo4j Server is mapped from port 9000 on the external network, specify the advertised_address for the Bolt connector:

dbms.connector.bolt.advertised_address=<server-name>:9000

3. Options for Bolt thread pooling

See Bolt thread pool configuration to learn more about Bolt thread pooling and how to configure it on the connector level.

4. Defaults for addresses

It is possible to specify defaults for the configuration options with listen_address and advertised_address suffixes, as described below. Setting a default value will apply to all the connectors, unless specifically configured for a certain connector.

dbms.default_listen_address

This configuration option defines a default IP address of the settings with the listen_address suffix for all connectors. If the IP address part of the listen_address is not specified, it is inherited from the shared setting dbms.default_listen_address.

Example 3. Specify listen_address for the Bolt connector

To listen for Bolt connections on all network interfaces (0.0.0.0) and on port 7000, set the listen_address for the Bolt connector:

dbms.connector.bolt.listen_address=0.0.0.0:7000

This is equivalent to specifying the IP address by using the dbms.default_listen_address setting, and then specifying the port number for the Bolt connector.

dbms.default_listen_address=0.0.0.0

dbms.connector.bolt.listen_address=:7000
dbms.default_advertised_address

This configuration option defines a default address of the settings with the advertised_address suffix for all connectors. If the address part of the advertised_address is not specified, it is inherited from the shared setting dbms.default_advertised_address.

Example 4. Specify advertised_address for the Bolt connector

Specify the address that clients should use for the Bolt connector:

dbms.connector.bolt.advertised_address=server1:9000

This is equivalent to specifying the address by using the dbms.default_advertised_address setting, and then specifying the port number for the Bolt connector.

dbms.default_advertised_address=server1

dbms.connector.bolt.advertised_address=:9000

The default address settings can only accept the hostname or IP address portion of the full socket address. Port numbers are protocol-specific, and can only be added by the protocol-specific connector configuration.

For example, if you configure the default address value to be example.com:9999, Neo4j will fail to start and you will get an error in neo4j.log.