Copy netty-tcnative-2.0.70.Final-linux-x86_64.jar from /usr/share/neo4j/lib/netty-tcnative to /var/lib/neo4j/plugins
In neoj4.conf, set dbms.netty.ssl.provider=OPENSSL
Generated certificates with Let's Encrypt (certbot)
Set the following in neo4j.conf: server.bolt.enabled=true server.bolt.tls_level=OPTIONAL server.bolt.listen_address=:7687 dbms.ssl.policy.bolt.enabled=true dbms.ssl.policy.bolt.base_directory=certificates/bolt dbms.ssl.policy.bolt.private_key=private.key dbms.ssl.policy.bolt.public_certificate=public.crt
Restarted Neo4J
Attempted to connect with secure Bolt: cypher-shell -u <MYUSER> -p <MYPASS> -a bolt+s://localhost:7687
Result: Unable to write Bolt handshake to localhost:7687.
Attempted to connect with non-secure Bolt: cypher-shell -u <MYUSER> -p <MYPASS> -a bolt://localhost:7687
Result: Connection to the database terminated. Please ensure that your database is listening on the correct host and port and that you have compatible encryption settings both on Neo4j server and driver. Note that the default encryption setting has changed in Neo4j 4.0.
In debug.log, I see a (long) stack trace of errors that includes the following lines:
java.lang.IllegalArgumentException: Failed to load any of the given libraries: [netty_tcnative_linux_x86_64, netty_tcnative_linux_x86_64_fedora, netty_tcnative_x86_64, netty_tcnative]
java.lang.UnsatisfiedLinkError: no netty_tcnative_x86_64 in java.library.path: /usr/java/packages/lib:/usr/lib/x86_64-linux-gnu/jni:/lib/x86_64-linux-gnu:/usr/lib/x86_64-linux-gnu:/usr/lib/jni:/lib:/usr/lib
java.lang.UnsatisfiedLinkError: could not load a native library: netty_tcnative
I guess the netty-tcnative plugin doesn't get loaded. I'd appreciate any help to get this working!
I remark that all runs fine when I set server.bolt.tls_level=DISABLED. Just no TLS then.
No I wasn’t able to solve it. I worked around the problem by deploying the client application on the same machine so my traffic could stay inside localhost.
Hi @mdelambilly - I have a response but it is not ideal.
This issue seems to be is caused by an unintended breaking change introduced with the Jetty version update included in Neo4j. It cannot be fixed without a code change. The current workaround is to generate new certificates with a valid hostname.
The problem is known, but there is no confirmed timeline for resolution. Using HTTPS on localhost is not recommended. As an alternative, an earlier release (e.g., 5.10) may work, though it has not been tested.
Someone internally suggested test https in an Aura Free instance and connect to that. OR If you want to test the config, try it on a cloud instance rather than localhost or try an older version of neo4j.
These were some potential suggestions, but for now the actual issue is more involved. I hope you are able to find a work around.
I do not understand, neo4j docker app is installed on a server on which I directed my domain name. I generated certificated with LetsEncrypt to connect to it in SSL/TLS.
I connect to neo4j browser using a subdomain in https. This part works just fine. But when I give to neo4j browser the bolt URL, I get the error message about its inability to load any of the given libraries: [netty_tcnative_linux_x86_64, netty_tcnative_linux_x86_64_fedora, netty_tcnative_x86_64, netty_tcnative].
