Adding SSL to Neo4j self-hosted on Linux

Hello,

I am attempting to add SSL configuration to my Linux VM which hosts the Neo4j server. I followed the steps outlined in the documentation, but seem to be hitting a lot of errors with the netty plugins.

I downloaded the .jar files into the /plugins directory (specific to my x64 system) and I keep getting the following error:

java.lang.UnsatisfiedLinkError: no netty_tcnative in java.library.path: /usr/java/packages/lib:/usr/lib/x86_64-linux-gnu/jni:/lib/x86_64-linux-gnu:/usr/lib/x86_64-linux-gnu:/usr/lib/jni:/lib:/usr/lib

So, I downloaded the same .jar files into one of these listed directories - still no dice.

Any idea what I'm missing?

Hello Jacob,

You don't need additional netty plugin jar files to enable SSL. Those would be used if you wanted to use OPEN_SSL as your SSL provider.

If you have valid certificates, you can configure neo4j to use the certificates and then SSL should work using the jdk.

What Linux VM are you using?

Gotcha. I removed the neo4j.conf setting which indicates OPENSSL as the netty provider (which I saw in the SLL Configuration doc). The VM would start up, without the tcnative error, but the HTTPS and Bolt won't work.

I am using an Azure Linux VM Ubuntu 20.04.

I created certificates from LetsEncrypt certbot (as suggested by Neo4j docs).

Will need to look at your Neo4j.conf and/or debug.log to figure this out.

Shall I email them to you or attach to this thread?

you can email them to me at david[dot]fauth@neo4j.com