Stuck behind corporate proxy - Self-Signed Certificate Error

Hi all,

I'm trying to use the Neo4j Desktop app but I'm running into issues, I think, because of my corporate proxy. I have successfully installed the desktop app but during the first boot-up I'm running into an error "Shasum of the downloaded file did not match the expected value. Please try again!" during the "Downloading Neo4j 4.2.1" step.

As I go look into the logs it's giving me "code: 'SELF_SIGNED_CERT_IN_CHAIN'," error. I've run into this before with CLI tools and desktop applications and it's my company's proxy checking everything that comes goes to my computer. I checked with the IT at my work and they suspected the same.

The way I fixed similar issues before, and what my company's IT suggested, was one of two things: pointing the application to the certificate bundle file on my computer or by telling the app not to check for self-signed certificates. I did this before for a Node.js terminal session by running NODE_TLS_REJECT_UNAUTHORIZED=0. And for desktop applications many have a setting where you can point them to read the certificate bundle file and it should then work.

Does anyone know how to point Neo4j Desktop to my certificate bundle file? I'm unable to open settings since it's in the boot process when the error happens. Or is there a way to have Neo4j Desktop to not check for my safety (I appreciate them looking but my company does that for me)?

TLDR: I think I need to point Neo4j desktop towards a certificate bundle file on my computer so that it can download things or tell Neo4j desktop not to check for self-signed certificates.

As your Neo4j instance is not running yet, I don't think changing the settings of the Neo4j configuration file related to a DBMS who doesn't exists yet will change anything. But yes there is an option to disable it or associate a certificate bundle to a DBMS instance.

In your case, it can't be that, maybe you can try an other format for the Neo4j Desktop on your O.S: What I'm reading in the error means : Your file has been corrupt during the download.

Or testing the file integrity fails due to some local network policies. Did you tried download it on a USB stick from an other network and use the USB stick to install it in your working environment.

OR the source of the download Neo4j packages has a certificate associate to it and maybe you can install it somewhere in your local network environment to make it work. If it's the case you will need the help of the ITs.

Yes, I think this is basically it. My understanding is that Neo4j Desktop is trying to protect me and check to make sure every server that download files bounced through are safe. One of those servers is my company's proxy (I'm working at home), and Neo4j says "woah, I don't trust that thing" and I need to tell Neo4j "No, it's okay, here are their credentials."

Unfortunately, our company doesn't want any external USBs connected to our work computers. I may have to resort to this though.

I'm working remote at home. Would there be a way to download Neo4j Desktop on my personal computer and transfer it over the network to my work computer?