This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Head's Up! These forums are read-only. All users and content have migrated. Please join us at community.neo4j.com.

Secure Local Grandstack with SSL ? (Starter not connecting to DB)

roman1
Node

‎12-13-2020 06:40 PM

Hi

Enjoying learning about digital security/vulnerabilities, resilience and graphs.
Qn in a nutshell: how to get Grandstack working as securely and resiliently as possible? ie with encryption and a local neo4j DB before transferring local DB to the cloud or docker on my NAS?

I'm following Will's Willow tutorials and trying to get my local neo4j DB working with SSL so that when I move to the cloud i'm across the various security issues. Will turns off Encryption and uses neo4j sandbox. Which I've done in prior projects. This time i've enabled encryption because i want to get working on a real work project this time where security is critical and I need to ensure only authorized users can access the content and that cloud providers will not be able to see the application.

After i build, The graphql API and front end run at http:// localhost:3000/ and http:// localhost:4001/graphql

However, the api can't query the DB (running Neo4j 4.1.1) and is timing out:
"errors": [{"message": "Failed to connect to server. Please ensure that your database is listening on the correct host and port and that you have compatible encryption settings both on Neo4j server and driver. Note that the default encryption setting has changed in Neo4j 4.0. Caused by: Client network socket disconnected before secure TLS connection was established"

My .env file points to:
NEO4J_URI=bolt://localhost:11004

Searching the forums, it seems from this post the problem is with https as:
https://localhost:7474/ in the browser returns "ERR_SSL_PROTOCOL_ERROR" while http://localhost:7474/browser/ provides a neo4j desktop interface and allows me to login.

IIUC how to configure SSL and get neo4j grandstack running securely is a whole beast in itself so wondering if the best approach is to just go through the docs and figure it out or if anyone has other resources or recommendations?

Thanks

PS. If you have any other recommendations, tips or vids on how to secure a grandstack app so that the cloud provider can't see / tamper with any info (because you have sensitive data like finacial transactions), please feel free to share. Thanks!

Labels:
Reply
1 REPLY 1

mckenzma
Ninja
Ninja

‎12-14-2020 07:07 AM

I haven't gone through all of @william.lyon videos but I thought I recall him possibly using SSL at one point with one of his projects (I could be wrong). I haven't had a chance to turn on SSL myself yet. Depending on what you are trying to do though, I am working on guide to deploy a GRANDstack application on a Raspberry Pi. Again I haven't gotten to the part of using SSL, but when I do I can let you know. I'm assuming you might get there before me though.

0 Kudos
Reply
Nodes 2022
Nodes
NODES 2022, Neo4j Online Education Summit

All the sessions of the conference are now available online

Watch replays