Explanation of error on session connection using uniform drivers
As described by http://neo4j.com/docs/developer-manual/current/drivers/#_trust, when establishing an encrypted connection, it needs to be verified that the remote peer is who we expected to connect to.
The default connection is to 'Trust on first use' and to do so indicates that we will read and write a certificate value in ~/.neo4j/known_hosts
.
Upon upgrading from 3.0.0 to 3.0.1 future connections may error, when establishing the connection to Neo4j, for example:
Java:
General SSLEngine problem
Python:
neo4j.v1.exceptions.ProtocolError: Server certificate does not match known certificate for 'localhost'; check details in file /home/neo4j/.neo4j/known_hosts
As detailed in the Python error message, the failure is a result of reading the /home/neo4j/.neo4j/known_hosts
, where /home/neo4j
is the users default home directory, and to which the file at `~/.neo4j/`known_hosts has a certificate which is no longer valid.
An example of the content of this file is:
localhost:MIIBoTCCAQqgAwIBAgIIe+AjK7iGHqMwDQYJKoZIhvcNAQENBQAwEjEQMA4GA1UEAwwHMC4wLjAuMDAgFw0xNTA1MTExODE3MzZaGA85OTk5MTIzMTIzNTk1OVowEjEQMA4GA1UEAwwHMC4wLjAuMDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0Q5XpjnNv2oRs2mB+hx9Ef9txxk3pOWz/FICKb8cZHxMmCDP6IPcuxMh3fW4FRtAeZQCxyRfOrnevnedtW2PdPvqf14lUi1aFDcXHav1Rc6sAgpdLaj3C25G4XjDrBH9tADp6+xbYOpiVmrrwGjRy9SI0k4NgDj4j8YF1yE1boUCAwEAATANBgkqhkiG9w0BAQ0FAAOBgQAkJp+2Z0bD4BJE0XR0HJUOfQwLTxLp4pzSWn77xI11m9AfH0dFdpz2KIIntLNT7fJh8jo25OUH5QqhKIIkzg9wZU80LkTcyEOjbDUW2Sf5yhiu9I2cIQaiJ4Mr8BHaEFbC73iVObGOperSVmOuddcSJAKKHmfeMH4Xmo/uBlc2/Q==
To resolve the failure above, simply delete the line which references localhost
from the known_hosts
file.
Is this page helpful?