CODEWITHSUNDEEP
neo4j
Patty
Patty

Reputation: 123

Cannot connect to Neo4j from Windows: Failed to establish encrypted connection with server

When trying to connect to a Neo4j server from an application running on a Windows computer, we get this error message:

Neo4j.Driver.V1.SecurityException: Failed to establish encrypted connection with server bolt://neo4jserver:7687/. ---> System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> System.ComponentModel.Win32Exception: The token supplied to the function is invalid

The Neo4j browser is working fine, only the connection to Neo4j from the application fails. This is the full call stack:

Neo4j.Driver.V1.SecurityException: Failed to establish encrypted connection with server bolt://neo4jserver:7687/. 
---> System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. 
---> System.ComponentModel.Win32Exception: The token supplied to the function is invalid   
--- End of inner exception stack trace ---
   at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)
   at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
   at Neo4j.Driver.Internal.Connector.TcpSocketClient.Connect(Uri uri)

   --- End of inner exception stack trace ---
   at Neo4j.Driver.Internal.Connector.PooledConnection.OnError(Exception error)
   at Neo4j.Driver.Internal.Connector.DelegatedConnection.Init()
   at Neo4j.Driver.Internal.ConnectionPool.CreateNewPooledConnection()
   at Neo4j.Driver.Internal.ConnectionPool.<>c__DisplayClass41_0.<Acquire>b__0()
   at Neo4j.Driver.Internal.LoggerBase.TryExecute[T](Func`1 func)
   at Neo4j.Driver.Internal.ConnectionPool.Acquire(CancellationToken cancellationToken)
   at Neo4j.Driver.Internal.ConnectionPool.Acquire()
   at Neo4j.Driver.Internal.ConnectionPool.Acquire(AccessMode mode)
   at Neo4j.Driver.Internal.Session.<>c__DisplayClass13_0.<Run>b__0()
   at Neo4j.Driver.Internal.LoggerBase.TryExecute[T](Func`1 func)
   at Neo4j.Driver.Internal.Session.Run(Statement statement)
   at Neo4j.Driver.Internal.StatementRunner.Run(String statement)

Upvotes: 1

Views: 1237

Answers (1)

Patty
Patty

Reputation: 123

Installing all Windows updates on the Client computer solved the issue.

Turned out that Neo4j requires clients to use TLS 1.2 when connecting, but not all Windows versions support it by default.

Probably not all updates were needed, but this was the easiest way.

This similar issue helped: https://github.com/neo4j/neo4j-dotnet-driver/issues/179

Upvotes: 1

Related Questions