Skip to content

Default to unencrypted connection on the driver. #620

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Aug 22, 2019
Merged

Default to unencrypted connection on the driver. #620

merged 2 commits into from
Aug 22, 2019

Conversation

zhenlineo
Copy link
Contributor

@zhenlineo zhenlineo commented Aug 6, 2019
edited
Loading

Removed insecure TrustAllCerts SecurityPlan.
Default to always perform client host name verification when encryption is on.
Deleted some code used to support server version earlier than 3.3.0.

Update boltkit to install a self-signed cert for 4.0 servers after download.

@zhenlineo zhenlineo force-pushed the 2.0-default-unencrypted branch 6 times, most recently from 7fccdc9 to ec8fb96 Compare August 13, 2019 12:19
ali-ince
ali-ince reviewed Aug 15, 2019
View reviewed changes
Copy link
Contributor

@ali-ince ali-ince left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@zhenlineo AFAIK, a user still is allowed to use TRUST_ALL_CERTIFICATES but our default value is desired to be TRUST_SYSTEM_CA_CERTIFICATES.

Maybe worth confirming and acting accordingly?

@zhenlineo
Copy link
Contributor Author

@ali-ince You are right, fixing>>>

Default to unencrypted connection on the driver.
a7fb60b 
Removed insecure TrustAllCerts SecurityPlan.
Default to always perform client host name verification when encryption is on.

Deleted some code used to support server version earlier than 3.3.0.
@zhenlineo zhenlineo force-pushed the 2.0-default-unencrypted branch from ec8fb96 to ff2756e Compare August 21, 2019 14:26
@zhenlineo zhenlineo force-pushed the 2.0-default-unencrypted branch from ff2756e to a0857fd Compare August 21, 2019 14:53
@zhenlineo zhenlineo merged commit cde37b8 into neo4j:2.0 Aug 22, 2019
@zhenlineo zhenlineo deleted the 2.0-default-unencrypted branch August 22, 2019 10:34
@fbiville fbiville mentioned this pull request Nov 12, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ali-ince ali-ince ali-ince left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@zhenlineo @ali-ince