Can't connect to docker container running version 4

Question

Can't connect to docker container running version 4

Closed this issue 5 years ago · 2 comments

I'm using official docker image https://hub.docker.com/_/neo4j and have been connecting fine via bolt and http for months.
I pulled a new image recently and couldn't connect from my client (.net core 2.2 using readify neo4jclient latest stable version). I reverted to 3.5.14 and everything's fine again.

All I need to do to switch between being able to connect and not able is switch my docker-compose between:

#image: neo4j:latest
image: f28006f4724a

I can't see any issues in logs in either case:

Directories in use:
  home:         /var/lib/neo4j
  config:       /var/lib/neo4j/conf
  logs:         /logs
  plugins:      /var/lib/neo4j/plugins
  import:       /var/lib/neo4j/import
  data:         /var/lib/neo4j/data
  certificates: /var/lib/neo4j/certificates
  run:          /var/lib/neo4j/run
Starting Neo4j.
2020-01-27 14:07:12.292+0000 INFO  ======== Neo4j 4.0.0 ========
2020-01-27 14:07:12.332+0000 INFO  Starting...
2020-01-27 14:07:25.512+0000 INFO  Bolt enabled on 0.0.0.0:7687.
2020-01-27 14:07:25.514+0000 INFO  Started.
2020-01-27 14:07:29.230+0000 INFO  Remote interface available at http://0.0.0.0:7474/

Active database: graph.db
Directories in use:
  home:         /var/lib/neo4j
  config:       /var/lib/neo4j/conf
  logs:         /logs
  plugins:      /var/lib/neo4j/plugins
  import:       /var/lib/neo4j/import
  data:         /var/lib/neo4j/data
  certificates: /var/lib/neo4j/certificates
  run:          /var/lib/neo4j/run
Starting Neo4j.
2020-01-27 14:13:55.922+0000 INFO  ======== Neo4j 3.5.14 ========
2020-01-27 14:13:55.940+0000 INFO  Starting...
2020-01-27 14:14:02.730+0000 INFO  Bolt enabled on 0.0.0.0:7687.
2020-01-27 14:14:05.556+0000 INFO  Started.
2020-01-27 14:14:07.397+0000 INFO  Remote interface available at http://localhost:7474/

Have there been any changes that would block clients connecting with bolt and plain http?

Answer 1 · 2020-01-27T15:03:58.000Z

Hi @potomato neo4jclient may have encryption on by default. However bolt in neo4j 4.0 has encryption turned off by default. You need either turn off encryption explicitly on the neo4jclient, or turn encryption on the 4.0 neo4j server. When turning on encryption on neo4j 4.0 server, you need to configure the following settings:

dbms.connector.bolt.enabled=true
dbms.connector.bolt.tls_level=OPTIONAL 	# allows both encrypted and unencrypted driver connections

dbms.ssl.policy.bolt.enabled=true
dbms.ssl.policy.bolt.base_directory=certificates/bolt
#dbms.ssl.policy.bolt.private_key=private.key
#dbms.ssl.policy.bolt.public_certificate=public.crt

Answer 2 · 2020-01-27T16:14:13.000Z

Brilliant, thank you. I don't have a need for TLS so will check turning off encryption in neo4jclient and report back.