How to set up Neo4j securely using Amazon Web Services

Question

I'm running Neo4j Enterprise Edition on an EC2 instance.

What is the best design pattern for setting up Neo4j securely (i.e, using HTTPS) on Amazon Web Services (AWS)?

The official tutorial, https://neo4j.com/developer/neo4j-cloud-aws-ec2-ami/, creates an insecure instance.

The typical design pattern for connecting applications securely to AWS to put your EC2 instance behind an Application Load Balancer (AWS ALB). However, it appears to me that AWS ALB only accepts connections over port 80 (http) and port 443 (https). So bolt connections will not work.

It's my understanding that you cannot download certificates issued by AWS Certificate Manager.

So, what is the correct way to do this on AWS? Do I need to use a different third-party issuer to get my certificates? I prefer to use Amazon for everything when possible.

ALB can be used for **any** TCP port. – EEAA Jul 03 '17 at 02:32 — EEAA, Jul 03 '17 at 02:32

score 0 · Answer 1 · answered Jul 04 '17 at 05:32

0

I called Amazon's support and got the answer. You can use Amazon Classic Load Balancer on any port, over any TCP protocol.

Application Load Balancer only supports HTTP / HTTPS.

answered Jul 04 '17 at 05:32

Owen Brown

1
2

How to set up Neo4j securely using Amazon Web Services

1 Answers1