cancel
Showing results for 
Search instead for 
Did you mean: 

Head's Up! These forums are read-only. All users and content have migrated. Please join us at community.neo4j.com.

"not secure" error with neo4j AMI

socratic
Node Link

I used Neo4j Graph Database - Community Edition from the Amazon Marketplace to set up an AMI. When I access it in my browser, I get an error message that the connection is not secure. The Chrome browser says "Your connection is not private", due to NET::ERR_CERT_AUTHORITY_INVALID
How do I fix this?

1 ACCEPTED SOLUTION

This occurs because you don't have a valid SSL certificate associated with the server. Because your SSL certificate is not signed by a certificate authority, you get this warning in your browser.

You can fix it by getting certificates. Here's a walkthrough on how to do that:

For cloud deploys, we have the constraint that we have to start with an encrypted channel, you wouldn't' want to pass your username/password in the clear. But without knowing your local DNS configuration, the cloud image can't do the certificate bits for you. You can either use Neo4j on port 7474 (unencrypted) or you can get a certificate, either approach will fix this issue.

View solution in original post

4 REPLIES 4

This occurs because you don't have a valid SSL certificate associated with the server. Because your SSL certificate is not signed by a certificate authority, you get this warning in your browser.

You can fix it by getting certificates. Here's a walkthrough on how to do that:

For cloud deploys, we have the constraint that we have to start with an encrypted channel, you wouldn't' want to pass your username/password in the clear. But without knowing your local DNS configuration, the cloud image can't do the certificate bits for you. You can either use Neo4j on port 7474 (unencrypted) or you can get a certificate, either approach will fix this issue.

Thank you for the quick and detailed reply!

@david.allen - I tried to get the certificate as mentioned in the article above and get an error that certificate cannot be issued as it is forbidden by policy


Any suggestions?

LetsEncrypt will not generate certs for dynamic hostnames that you don't control. The default EC2 hostnames are that situation. You must have a DNS address you can prove you control. Consult their documentation.