/Neo4j_SSL_HTTPS

Enabling-SSL-for-HTTP-and-bolt-for-Neo4j-4.x

Edit neo4j.conf

## Enable Bolt connector over TLS
dbms.connector.bolt.enabled=true
dbms.connector.bolt.tls_level=OPTIONAL

#Disable HTTP Connector. There can be zero or one HTTP connectors.**
dbms.connector.http.enabled=false

# Enable HTTPS Connector. There can be zero or one HTTPS connectors
dbms.connector.https.enabled=true
dbms.connector.https.listen_address=:7473
dbms.connector.https.advertised_address=:7473

## Bolt SSL configuration
dbms.ssl.policy.bolt.enabled=true
dbms.ssl.policy.bolt.base_directory=certificates/bolt
dbms.ssl.policy.bolt.private_key=private.key
dbms.ssl.policy.bolt.public_certificate=public.crt
dbms.ssl.policy.bolt.client_auth=NONE

## Https SSL configuration
dbms.ssl.policy.https.enabled=true
dbms.ssl.policy.https.client_auth=NONE
dbms.ssl.policy.https.base_directory=certificates/https
dbms.ssl.policy.https.private_key=private.key
dbms.ssl.policy.https.public_certificate=public.crt

set your ip

image

image

Create directory in NEO4J_HOME

mkdir certificates
mkdir certificates/https
mkdir certificates/https/trusted
mkdir certificates/https/revoked
mkdir certificates/bolt
mkdir certificates/bolt/trusted
mkdir certificates/bolt/revoked

image

Create new key

openssl req -x509 -newkey rsa:2048 -keyout private.key -out public.crt -nodes -days 1000

image

Copy a private key to directory certificates

cp private.key certificates/bolt
cp public.crt certificates/bolt
cp private.key certificates/https
cp public.crt certificates/https
service neo4j restart

image

Login into cypher use command

cypher-shell -a neo4j+ssc://0.0.0.0:7687

image

Open browser and open https://your-ip:7687

image