Neo4j

yli249 · ‎05-14-2020

Hi, I'm trying to connect Neo4j remote Graph and I have tried almost all of the methods in community but they don't work for me. My Neo4j is the latest version.
Here are my settings of database:
#*****************************************************************

Network connector configuration

#*****************************************************************

With default configuration Neo4j only accepts local connections.

To accept non-local connections, uncomment this line:

dbms.default_listen_address=0.0.0.0

You can also choose a specific network interface, and configure a non-default

port for each connector, by setting their individual listen_address.

The address at which this server can be reached by its clients. This may be the server's IP address or DNS name, or

it may be the address of a reverse proxy which sits in front of the server. This setting may be overridden for

individual connectors below.

dbms.default_advertised_address=localhost

You can also choose a specific advertised hostname or IP address, and

configure an advertised port for each connector, by setting their

individual advertised_address.

By default, encryption is turned off.

To turn on encryption, an ssl policy for the connector needs to be configured

Bolt connector

dbms.connector.bolt.enabled=true
#dbms.connector.bolt.tls_level=DISABLED
dbms.connector.bolt.listen_address=192.168.X.X:7687

HTTP Connector. There can be zero or one HTTP connectors.

dbms.connector.http.enabled=true
dbms.connector.http.listen_address=192.168.X.X:7474

HTTPS Connector. There can be zero or one HTTPS connectors.

dbms.connector.https.enabled=false
dbms.connector.https.listen_address=192.168.X.X:7473

Number of Neo4j worker threads.

#dbms.threads.worker_count=

#*****************************************************************

SSL policy configuration

#*****************************************************************

Each policy is configured under a separate namespace, e.g.

dbms.ssl.policy..*

can be any of 'bolt', 'https', 'cluster' or 'backup'

The scope is the name of the component where the policy will be used

Each component where the use of an ssl policy is desired needs to declare at least one setting of the policy.

Allowable values are 'bolt', 'https', 'cluster' or 'backup'.

E.g if bolt and https connectors should use the same policy, the following could be declared

dbms.ssl.policy.bolt.base_directory=certificates/default
dbms.ssl.policy.https.base_directory=certificates/default

However, it's strongly encouraged to not use the same key pair for multiple scopes.

N.B: Note that a connector must be configured to support/require

SSL/TLS for the policy to actually be utilized.

see: dbms.connector.*.tls_level

SSL settings (dbms.ssl.policy..*)

.base_directory Base directory for SSL policies paths. All relative paths within the

SSL configuration will be resolved from the base dir.

.private_key A path to the key file relative to the '.base_directory'.

.private_key_password The password for the private key.

.public_certificate A path to the public certificate file relative to the '.base_directory'.

.trusted_dir A path to a directory containing trusted certificates.

.revoked_dir Path to the directory with Certificate Revocation Lists (CRLs).

.verify_hostname If true, the server will verify the hostname that the client uses to connect with. In order

for this to work, the server public certificate must have a valid CN and/or matching

Subject Alternative Names.

.client_auth How the client should be authorized. Possible values are: 'none', 'optional', 'require'.

.tls_versions A comma-separated list of allowed TLS versions. By default only TLSv1.2 is allowed.

.trust_all Setting this to 'true' will ignore the trust truststore, trusting all clients and servers.

Use of this mode is discouraged. It would offer encryption but no security.

.ciphers A comma-separated list of allowed ciphers. The default ciphers are the defaults of

the JVM platform.

Bolt SSL configuration

dbms.ssl.policy.bolt.enabled=true
dbms.ssl.policy.bolt.base_directory=certificates/bolt
dbms.ssl.policy.bolt.private_key=private.key
dbms.ssl.policy.bolt.public_certificate=public.crt

Https SSL configuration

dbms.ssl.policy.https.enabled=true
dbms.ssl.policy.https.base_directory=certificates
dbms.ssl.policy.https.private_key=private.key
dbms.ssl.policy.https.public_certificate=public.crt

Can anyone help with that? Thanks!

Cobra · ‎05-23-2020

It looks like the database turns itself off, can you try reinstalling a new one? If possible with the latest version of Neo4j (> 4.0)

Regards,
Cobra

View solution in original post

Cobra · ‎05-14-2020

Hello,

Is Neo4j Server on a Linux or Windows distribution?
I manage several Neo4j server and I use this configuration:
dbms.default_listen_address=0.0.0.0
dbms.connector.bolt.enabled=true

#dbms.connector.bolt.tls_level=DISABLED
#dbms.connector.bolt.listen_address=:7687

dbms.connector.http.enabled=false
#dbms.connector.http.listen_address=:7474

dbms.connector.https.enabled=false
#dbms.connector.https.listen_address=:7473

I hope this will help you, don't forget to restart your database after you updated the neo4j.conf file.

yli249 · ‎05-14-2020

Received with thanks , it's on MAC.

Cobra · ‎05-15-2020

Did it work? If yes, you can close this subject 🙂

yli249 · ‎05-15-2020

The original graph is running good but I still can't remotely connect.

Thanks!

Cobra · ‎05-15-2020

Have you changed the login and the password of the database?
Did you tick the encrypted connection box or not?

yli249 · ‎05-15-2020

I have edited the setting according to your suggestion, the orginial graph works, but it still can't be connected from other computers.
Login is neo4j and I have changed the password.
Neither tick the encrypted connection or not doesn't work, I tried both~

Thanks~

Cobra · ‎05-15-2020

Is the remote graph on the same computer or a distant server?

What do you mean by "the orginial graph works"?

yli249 · ‎05-15-2020

The remote graph is on a distant server.

The original graph means the graph I wanna connect to from the distant server.

Thanks!

Cobra · ‎05-15-2020

What is the distribution of remote server?

And your personnal computer on MacOS, right?

What version of Neo4j Server are you using?

yli249 · ‎05-15-2020

Remote server is windows 10 base. And the graph I changed settings is on MacOS.
Both of these 2 computers have Neo4j 4.0.4& Neo4j Desktop 1.2.8.

Thanks~

Cobra · ‎05-15-2020

The configuration I gave you is for the Neo4j Server on Windows 10, you don't need to change anything on Neo4j Desktop that is on MacOS 🙂

yli249 · ‎05-15-2020

Thanks! Plz tell me if anywhere I misunderstood.

Cobra · ‎05-15-2020

How is it going? I hope it resolves your issue:)

Cobra · ‎05-15-2020

Go to the Neo4j remote server on your Windows 10 Server and use the config I gave you
Restart the remote server and take a screenshot where I can see the status of the service
After go on your MacOS computer and start Neo4j Desktop and use the login / password of the Neo4j remote server:)

yli249 · ‎05-15-2020

Windows10:
MacOS:
Windows 10:

Thanks!

Cobra · ‎05-15-2020

No problem 🙂 if you want to use Neo4j Desktop on Windows Server, you must use localhost and not the server IP:) You only need the server IP when you are not on the server:) If your problem is resolved, you can close this topic:)

yli249 · ‎05-15-2020

Hey, thanks for squeezing time to help me, but I haven't solved the prob yet.
I'm using microsoft remote Desktop, Mac Neo4j desktop is on the left side and the right side is windows 10 Neo4j desktop.
For Neo4j in Mac, my setting is default.
For Neo4j in Windows 10, my setting is reset according to your configuration.
My target is running project called MKG1 on Mac as well as remotely connecting to MKG1 on Windows 10.

I tried hundreds of times but it is still not working. Could you plz have a look at it?

Thank you again!

Cobra · ‎05-15-2020

We are gonna find what is the issue:)

To be sure, you must install Neo4j Server on your Windows server: https://neo4j.com/download-center/#community and use the configuration I gave you.

After you can use Neo4j Desktop to access the Neo4j Server:

if you are on the same machine of the Neo4j server: use localhost in Neo4j Desktop
if you are outside the server, so on your Mac, you must specify the server adress that hosts Neo4j Server.

You cannot access a local database created with Neo4j Desktop from another computer, it must be a Neo4j Server (and not a local database created by Neo4j Desktop) if you want to access this one remotly 🙂

ganesh_sharma67 · ‎05-16-2020

Also please check for inbound rules for neo4j ports at server(nic) and os level(In your case win firewall)..

Thanks

yli249 · ‎05-16-2020

Thanks, I closed both firewalls of Mac and Windows 10(remote computer) before I had this issue, so I think the problem is somewhere else~

ganesh_sharma67 · ‎05-16-2020

Okay. What I would suggest, spin up a some simple server(like chrome plugin: 200 ok) on 7474 port and try browsing from your local Mac machine or curl.. just for a test..

yli249 · ‎05-16-2020

Received with thanks, it still doesn't work, I'm still working on it.

!

Could you plz help with that? thank you again!

kadoshada · ‎05-16-2020

i'm also faced this kind of issue. in my case my OS is ubuntu and had to uninstall with deleting all related folder of neo4j and again install it freshly solved my problem.
In my case i have installed old version of neo4j and after i installed latest neo4j version but it didn't work. in my case also i couldn't connect it through neo4j desktop but it can access through neo4j browser and also couldn't connect default DB only connected to system DB. when connecting to default DB it showed error saying 'an error occurred in graph.db'. then i uninstall neo4j and delete all related folder of neo4j and again installed it freshly and problem solved. hope this may help you.

Cobra · ‎05-16-2020

Hello @yli249, so if I understand well, you don't have any real servers, just two "classic" computers?

I never tried to connect two laptops together and I don't know if this is possible. But to start, I think one of them must be with Neo4j Server and the other with Neo4j Desktop.

For the neo4j.conf file, maybe get a fresh new one and only changed lines I gave you at the beginning.

yli249 · ‎05-16-2020

Yes,I have installed both Neo4j server(open via browser ) and Neo4j desktop for Mac and Windows 10.
Now on Mac, Neo4j database instance can be open via browser(localhost) as well as desktop.

Thanks!

Cobra · ‎05-16-2020

So if you want to access the Neo4j server of the other computer, try with his local IP since you are on the same network:)

yli249 · ‎05-16-2020

Cobra · ‎05-16-2020

It's a bit different from what I wrote:

dbms.default_listen_address=0.0.0.0
dbms.connector.bolt.enabled=true

#dbms.connector.bolt.tls_level=DISABLED
#dbms.connector.bolt.listen_address=:7687

dbms.connector.http.enabled=false
#dbms.connector.http.listen_address=:7474

dbms.connector.https.enabled=false
#dbms.connector.https.listen_address=:7473

Cobra · ‎05-16-2020

So let me summarize the story:

you have 2 computers (no real server): one with Windows 10 and one with MacOS
you have installed Neo4j Server Community and Neo4j Desktop on both
your goal is to access database from the other computer
both computers are on the same network

So this is the plan:

make sure both computers can see each other on the network
the database you want to access remotly must have a special configuration, at least:

dbms.default_listen_address=0.0.0.0
dbms.connector.bolt.enabled=true

dbms.default_listen_address=0.0.0.0 allows the database to be accessed from outside of the computer ;
dbms.connector.bolt.enabled=true allows the communication threw bolt protocol ;
When you have changed the configuration of the remote server, restart it and show us its status please ( bin/neo4j status or service neo4j-service status)
On the other computer, with Neo4j Desktop, you must specify the adress of the remote server so in your case, it should be the IP of the other computer (you can try your local IP or your real IP).

After that, I won't have other ideas 😕

yli249 · ‎05-17-2020

Hi, Cobra,

I stopped using virtual machine and used another laptop installed Neo4j community as well as Neo4j desktop. I tried to remotely connect this new laptop to the Neo4j database on my Mac OS.

Since the configuration you mentioned does not work for me, I made some modifications to neo4j.conf according to the suggestions provided online, which is shown below:

I found my local Ip address and external IP address:

In order to prevent chrome from blocking my remote requests，I used a guest visit mode of Chrome to open Neo4j browser database on mac via http://localhost:7474/browser/,

then I also used a guest visit mode of chrome on the new laptop and connected via http://12x.x.x.x:7474/browser/ The Ip adress I used was local IP address of my Mac.

But it is not always working ...then I realized my neo4j may not have signed SSL certificates so that the request from the new laptop cannot reach my Mac OS, the solutions of getting SSL certificates seems complex:

Could you plz tell me if getting SSL certificates is necessary to solve this issue?

Besides, I'm wondering if using Neo4j Aura for sharing a database online is much easier.

Thank you guys for helping me in solving this problem, if you have any other ideas plz let me know:)

Thank you again!!

Cobra · ‎05-18-2020

Hello,

I never used SSL certificate on Neo4j so I don't know to to be honest

Neo4j Aura is a good solution but you will have to pay to use it.

Maybe you could only use one PC ?

yli249 · ‎05-22-2020

Hi, Cobra, after changed the configuration of the remote server, I restarted it and input bin/neo4j status into Terminal, the result was:

But I'm sure my Neo4j database in desktop was running as well as http://localhost:7474/browser/.

Could you plz help with that ? Maybe this can provide some clues that I cannot remotely connect to Neo4j.

Thanks!!

Cobra · ‎05-22-2020

Hello @yli249 ,

Neo4j is not running so I think your server is not up, try bin/neo4j start or bin/neo4j console and check the status again:)

Be aware that there is a difference between a local database from Neo4j Desktop and a remote server from Neo4j Server:)

Regards,
Cobra

yli249 · ‎05-22-2020

Hi, Cobra, I changed the neo4j.conf via terminal command according to your configuration and the log status is weird...also I still can't connect to remote graph.

Could you plz help with that?

Cobra · ‎05-23-2020

It looks like the database turns itself off, can you try reinstalling a new one? If possible with the latest version of Neo4j (> 4.0)

Regards,
Cobra

yli249 · ‎05-23-2020

Thank you so much for all you have done for me

I can remotely connect to Neo4j now.

I had a big misunderstanding which is I thought once I download both Neo4j desktop and neo4j server, they should operate together. But as you said, there's a difference between a local database from Neo4j Desktop and a remote server from Neo4j Server and we need to use terminal to connect them as well as make sure we change the right neo4j.conf.

Thank you again!

Cobra · ‎05-23-2020

No problem, you see we solved the issue , enjoy Neo4 now

Regards,
Cobra

Neo4j

Connect to remote graph issue

Network connector configuration

With default configuration Neo4j only accepts local connections.

To accept non-local connections, uncomment this line:

You can also choose a specific network interface, and configure a non-default

port for each connector, by setting their individual listen_address.

The address at which this server can be reached by its clients. This may be the server's IP address or DNS name, or

it may be the address of a reverse proxy which sits in front of the server. This setting may be overridden for

individual connectors below.

You can also choose a specific advertised hostname or IP address, and

configure an advertised port for each connector, by setting their

individual advertised_address.

By default, encryption is turned off.

To turn on encryption, an ssl policy for the connector needs to be configured

Read more in SSL policy section in this file for how to define a SSL policy.

Bolt connector

HTTP Connector. There can be zero or one HTTP connectors.

HTTPS Connector. There can be zero or one HTTPS connectors.

Number of Neo4j worker threads.

SSL policy configuration

Each policy is configured under a separate namespace, e.g.

dbms.ssl.policy..*

can be any of 'bolt', 'https', 'cluster' or 'backup'

The scope is the name of the component where the policy will be used

Each component where the use of an ssl policy is desired needs to declare at least one setting of the policy.

Allowable values are 'bolt', 'https', 'cluster' or 'backup'.

E.g if bolt and https connectors should use the same policy, the following could be declared

However, it's strongly encouraged to not use the same key pair for multiple scopes.

N.B: Note that a connector must be configured to support/require

SSL/TLS for the policy to actually be utilized.

see: dbms.connector.*.tls_level

SSL settings (dbms.ssl.policy..*)

.base_directory Base directory for SSL policies paths. All relative paths within the

SSL configuration will be resolved from the base dir.

.private_key A path to the key file relative to the '.base_directory'.

.private_key_password The password for the private key.

.public_certificate A path to the public certificate file relative to the '.base_directory'.

.trusted_dir A path to a directory containing trusted certificates.

.revoked_dir Path to the directory with Certificate Revocation Lists (CRLs).

.verify_hostname If true, the server will verify the hostname that the client uses to connect with. In order

for this to work, the server public certificate must have a valid CN and/or matching

Subject Alternative Names.

.client_auth How the client should be authorized. Possible values are: 'none', 'optional', 'require'.

.tls_versions A comma-separated list of allowed TLS versions. By default only TLSv1.2 is allowed.

.trust_all Setting this to 'true' will ignore the trust truststore, trusting all clients and servers.

Use of this mode is discouraged. It would offer encryption but no security.

.ciphers A comma-separated list of allowed ciphers. The default ciphers are the defaults of

the JVM platform.

Bolt SSL configuration

Https SSL configuration