I set up Neo4j 4.0.1 enterprise in a causal cluster with the following nodes:
- neo4j-01 (CORE)
- neo4j-02 (CORE)
- neo4j-03 (CORE)
- neo4j-04 (READ_REPLICA)
The config for each host is the same with dbms.mode being the obvious exception on neo4j-04. Also, each host generated a self-signed certificate and private key, located in /var/lib/neo4j/certificates.
All of the hosts start Neo4j without any errors in the logs (journalctl --unit=neo4j). The CORE servers seem to be working just fine. I see cluster transactions, leader election, etc. I can also open a cypher-shell and access the Browser interface just fine from any of the CORE hosts. However, when trying to open a cypher-shell on the READ_REPLICA node I get the following error:
Failed to obtain connection towards WRITE server. Known routing table is: Ttl 1586283858104, currentTime 1586283558110, routers AddressSet=[neo4j-04:7687], writers AddressSet=[], readers AddressSet=[neo4j-04:7687], database '<default database>'
Could this be due to how I have TLS configured?
The SSL policy is enabled for HTTPS (7473) and Bolt (7687) but not for cluster discovery (5000), transactions (6000), or RAFT (7000)? The nodes of the cluster don't have the self-signed certificates of the other nodes since it appeared that intra-cluster traffic was only on those 3 non-TLS ports.
Any ideas?