Here's the example from the Neo4J client driver javadoc: https://neo4j.com/docs/api/java-driver/current/org/neo4j/driver/Config.TrustStrategy.html#trustCustomCertificateSignedBy-java.io.File...-
I think creating a custom component for Neo4J is the right move. It's the only thing I've seen so far that requires a PEM and is incompatible with a JKS or P12 file. Besides, graph is a fast evolving field so I would assume most graph users take it for granted that we might need to break things to keep up with their stacks. On Tue, Oct 11, 2022 at 3:12 PM David Handermann <exceptionfact...@apache.org> wrote: > > Mike, > > Thanks for raising this issue, can you provide some links to the > documentation and source code for Neo4j? > > Although the SSL Context Service supports direct access to the Keystore and > Trust Store properties, most use cases involve having the service > instantiate an SSLContext. In this particular case, it may be better to > specify those properties directly in a Neo4j component, as opposed to > having an SSL Context Service that is essentially passing through property > values. > > Those are a couple initial thoughts, having some additional background > would help evaluate the best approach. > > Regards, > David Handermann > > On Tue, Oct 11, 2022 at 12:36 PM Mike Thomsen <mikerthom...@gmail.com> > wrote: > > > Neo4J for some reason doesn't support the standard Java keystore types > > or P12 files for its client SSL configuration. It requires the use of > > PEM files. Would it be better to extend the SSLContext service types > > to include support for PEM files or create an all new SSL Provider > > type that is geared toward only reading from PEM files? > > > > Thanks, > > > > Mike > >
