This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Head's Up! These forums are read-only. All users and content have migrated. Please join us at community.neo4j.com.

How to fix [ServiceUnavailable: WebSocket connection failure] error on neo4j-enterprise AMI deployed on EC2?

manish_giri_me
Node Clone

‎04-16-2019 01:28 AM

I followed the Hosting Neo4j on EC2 guide and after several hours of resolving errors, I was able to launch Neo4j on the AMI running on an EC2 instance.

However, as soon as I tried to connect to it via Chrome (https://[PublicDnsName]:7473) and logged in, it threw the error -

ServiceUnavailable: WebSocket connection failure. Due to security constraints in your web browser, the reason for the failure is not available to this Neo4j Driver. Please use your browsers development console to determine the root cause of the failure. Common reasons include the database being unavailable, using the wrong connection URL or temporary network problems. If you have enabled encryption, ensure your browser is configured to trust the certificate Neo4j is configured to use. WebSocket readyState is: 3

There are numerous reports of this very issue all over, and the only suggested solution seems to be this answer posted by Dana Canzano.

This error can be resolved by editing the file $NEO4J_HOME/conf/neo4j.conf and uncommenting:

# To have Bolt accept non-local connections, uncomment this line:
dbms.connector.bolt.address=0.0.0.0:7687

However, when I ssh-ed into the EC2 instance, the first thing I noticed was that the neo4j.conf file was right in /home/ubuntu, unlike the other areas as mentioned in other answers.

Also, I didn't find this pre-commented line :dbms.connector.bolt.address=0.0.0.0:7687 anywhere in the file, so I just added it in.

The file (network part) now looks like this:

#*****************************************************************
# Network connector configuration
#*****************************************************************

# With default configuration Neo4j only accepts local connections.
# To accept non-local connections, uncomment this line:
dbms.connectors.default_listen_address=$dbms_connectors_default_listen_address

# You can also choose a specific network interface, and configure a non-default
# port for each connector, by setting their individual listen_address.

# The address at which this server can be reached by its clients. This may be the server's IP address or DNS name, or
# it may be the address of a reverse proxy which sits in front of the server. This setting may be overridden for
# individual connectors below.
dbms.connectors.default_advertised_address=$EXTERNAL_IP_ADDR

# You can also choose a specific advertised hostname or IP address, and
# configure an advertised port for each connector, by setting their
# individual advertised_address.

# Bolt connector
dbms.connector.bolt.enabled=$dbms_connector_bolt_enabled
dbms.connector.bolt.tls_level=$dbms_connector_bolt_tls_level
dbms.connector.bolt.listen_address=$dbms_connector_bolt_listen_address
dbms.connector.bolt.address=0.0.0.0:7687
# HTTP Connector. There must be exactly one HTTP connector.
dbms.connector.http.enabled=$dbms_connector_http_enabled
dbms.connector.http.listen_address=$dbms_connector_http_listen_address

# HTTPS Connector. There can be zero or one HTTPS connectors.
dbms.connector.https.enabled=$dbms_connector_https_enabled
dbms.connector.https.listen_address=$dbms_connector_https_listen_address

After this, I tried to reconnect from Chrome, but it still showed the same error. Figuring that Neo4j would need to be restarted, I tried sudo service neo4j stop followed by sudo service neo4j start but still, it shows the same error, on Chrome, Firefox and Edge.

That thread by Dana Canzano also has unanswered questions on pretty much the same issue I'm facing.

I went through this SO question which is almost the same as my issue, and tried the suggestions given in the question, but it didn't help.

Here's a screenshot of the necessary rules in my security group for the ec2 instance (properly configured) -

2X_5_5de545728ff0f5a0ea1a981ff0c3843462d0e8db.png

After hours and hours of debugging errors due to poorly written guides with incomplete or inaccurate information, I'm very near to giving up. Would appreciate any help.

Labels:
Reply
1 REPLY 1

david_allen
Neo4j
Neo4j

‎04-16-2019 04:13 AM

Sorry you're running into so many issues, but I can see from your post that there are a number of things going wrong. Here's a rundown of what they are and what you can do to fix them.

The "service unavailable" error is caused by the fact that a newly launched amazon VM does not have an SSL certificate. This occurs because your browser is trying to connect to both ports 7473 (HTTPS) and 7687 (bolt) and many browser won't do this if the SSL cert is untrusted, without you first trusting it.
See the second issue in this post:

That post has a list of resolutions, including getting your own certificates.

Also, if you're modifying /home/ubuntu/neo4j.conf, this is the wrong file to modify. There is documentation here about how Neo4j Cloud VMs work, and the file you should be modifying is /etc/neo4j/neo4j.template

Additionally - the command used to restart the system service is systemctl restart neo4j not service neo4j.

Finally -- changing the line with dbms.connector.bolt.address will not resolve the error you're encountering. You need to either have your browser trust the SSL cert, or get a trusted SSL certificate.

0 Kudos
Reply
Nodes 2022
Nodes
NODES 2022, Neo4j Online Education Summit

All the sessions of the conference are now available online

Watch replays