Neo4j https通讯 [英] Neo4j https communication
问题描述
有没有办法只允许https而不是http来与Neo4j服务器进行通信?此外,Neo4j Shell的通信使用哪个频道,http或https?
Is there any way to allow only https, instead of http, for the communication with the Neo4j server? Also, which channel does the Neo4j Shell's communication use, http or https?
推荐答案
来自 http://docs.neo4j.org/chunked/stable/security-server.html :
HTTPS支持
Neo4j服务器内置支持通过HTTPS进行SSL加密通信。服务器第一次启动时,会自动生成自签名SSL证书和私钥。由于证书是自签名的,因此依赖于生产使用是不安全的,相反,您应该为服务器提供自己的密钥和证书。
HTTPS support The Neo4j server includes built in support for SSL encrypted communication over HTTPS. The first time the server starts, it automatically generates a self-signed SSL certificate and a private key. Because the certificate is self signed, it is not safe to rely on for production use, instead, you should provide your own key and certificate for the server to use.
To提供您自己的密钥和证书,替换生成的密钥和证书,或更改neo4j-server.properties文件以设置证书和密钥的位置:
To provide your own key and certificate, replace the generated key and certificate, or change the neo4j-server.properties file to set the location of your certificate and key:
# Certificate location (auto generated if the file does not exist)
org.neo4j.server.webserver.https.cert.location=ssl/snakeoil.cert
# Private key location (auto generated if the file does not exist)
org.neo4j.server.webserver.https.key.location=ssl/snakeoil.key
Note that the key should be unencrypted. Make sure you set correct permissions on the private key, so that only the Neo4j server user can read/write it.
Neo4j还支持链式SSL证书。这需要将PEM格式的所有证书组合在一个文件中,私钥需要采用DER格式。
Neo4j also supports chained SSL certificates. This requires to have all certificates in PEM format combined in one file and the private key needs to be in DER format.
您可以设置HTTPS连接器应绑定到的端口在相同的配置文件中,以及关闭HTTPS:
You can set what port the HTTPS connector should bind to in the same configuration file, as well as turn HTTPS off:
# Turn https-support on/off
org.neo4j.server.webserver.https.enabled=true
# https port (for all data, administrative, and UI access)
org.neo4j.server.webserver.https.port=443
关于你的第二个问题:Neo4j Shell的通信使用哪个频道,http或https?默认频道为http。
About your second question: which channel does the Neo4j Shell's communication use, http or https? The default channel is http.
这篇关于Neo4j https通讯的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
