Neo4j Browser won't establish a secure connection

unclenorton · August 19, 2021, 2:24pm

So I have set up a cluster with neo4j-helm chart, and configured SSL certificates with k8s cert manager.

I am passing the following configuration via the helm chart's configMap:

  NEO4J_dbms_ssl_policy_bolt_enabled: "true"
  NEO4J_dbms_connector_bolt_tls__level: "REQUIRED"
  NEO4J_dbms_ssl_policy_https_enabled: "true"
  NEO4J_dbms_connector_http_enabled: "false"
  NEO4J_dbms_connector_https_enabled: "true"

As of now, I am able to:

connect cypher-shell using neo4j+s://mydomain.com; the neo4j:// protocol doesn't work as expected
open https://mydomain.com:7473 in the browser. SSL certificate is valid there.

However, trying to connect to neo4j+s://mydomain.com using Neo4j Browser (either the standalone version or the one at mydomain:7473) results in the connection error:

WebSocket connection to 'wss://mydomain:7687/' failed:

If I set bolt.tls_level to "OPTIONAL", I can connect via neo4j:// with both the browser and cypher-shell.

Am I missing something? Appreciate any help or clues.

michael.hunger · August 19, 2021, 8:01pm

Can you check the advertised addresses?
Perhaps browser tried to connect to the advertised address from the config?

You can check that with curl against the base URL 7474 or with call dbms.cluster.overview()

Browser needs to be loaded from an https URL like https://browser.graphapp.io

Topic		Replies	Views
Connect with secure protocol from neo4j browser to Kubernetes Orchestration & Kubernetes	2	248	March 14, 2022
Neo4j 4.3.10 config https fail Neo4j Graph Platform	0	190	March 1, 2022
Cypher-shell certificates Neo4j Graph Platform migrated	1	182	August 3, 2022
Allow connections on public and private network interfaces Installation network-connectivity , security	4	1149	October 5, 2020
TLS with bolt in neo4j-driver Javascript operations	2	1197	July 14, 2020

Neo4j Browser won't establish a secure connection

Related topics