cypher-shell not responding

Question

I am running Neo4J Community Edition 3.1.1 on Ubuntu, with openjdk version 1.8.0_131.

Until a few days ago, it was possible to launch cypher queries from command line, eg. like

> cat myscript.cql | /neo4j/neo4j-community-3.1.1/bin/cypher-shell -u
> $neo4j_user -p $neo4j_pass --format verbose

This was working fine for a long time. For some reason that I haven't been able to determine, since a few days ago cypher-shell just hangs without returning any message to the standard output.

Java version was not changed.

This is the error that I see in the logfile when cypher-shell is launched:

> 2018-08-11 21:30:01.851+0000 WARN 
> [io.netty.channel.DefaultChannelPipeline] An exceptionCaught() event
> was fired, and it reached at the tail of the pipeline. It usually
> means the last handler in the pipeline did not handle the exception.
> java.lang.ExceptionInInitializerError
> io.netty.handler.codec.DecoderException:
> java.lang.ExceptionInInitializerError
>         at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:442)
>         at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:248)
> (...) Caused by: java.lang.IllegalArgumentException: Unsupported
> customized DH key size: 4096. The key size can only range from 1024 to
> 2048 (inclusive)
>         at sun.security.ssl.ServerHandshaker.<clinit>(ServerHandshaker.java:140)
> (...)

Full log here https://www.dropbox.com/sh/a7oh7h6ta6chnc4/AABYC0NvjALnOPEPJ9-oXZdna?dl=0

Answer 1

Problem solved.

Wrong configuration in neo4j.conf:

# Expand Diffie Hellman (DH) key size from default 1024 to 2048 for DH-RSA cipher suites used in server TLS handshakes.
# This is to protect the server from any potential passive eavesdropping.
dbms.jvm.additional=-Djdk.tls.ephemeralDHKeySize=4096

Set it to an acceptable value:

dbms.jvm.additional=-Djdk.tls.ephemeralDHKeySize=2048