You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: modules/ROOT/pages/security/ssl-framework.adoc
+2-2Lines changed: 2 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -269,11 +269,11 @@ The SSL policies are configured by assigning values to parameters of the followi
269
269
| `trusted_dir` | A directory populated with certificates of trusted parties. | `trusted/`
270
270
| `revoked_dir` | A directory populated with certificate revocation lists (CRLs). | `revoked/`
271
271
3+^.^| *Advanced*
272
-
| `verify_hostname` | Enabling this setting turns on client-side hostname verification.
272
+
| `verify_hostname` footnote:[In Neo4j 2025.01, the default value is changed from `false` to `true`.] | Enabling this setting turns on client-side hostname verification.
273
273
After receiving the server's public certificate, the client compares the
274
274
address it uses against the certificate Common Name (CN) and Subject Alternative
275
275
Names (SAN) fields.
276
-
If the address does not match those fields, the client disconnects. | `false`
276
+
If the address does not match those fields, the client disconnects. | `true`
277
277
| `ciphers` | A comma-separated list of ciphers suites allowed during cipher negotiation.
278
278
Valid values depend on the current JRE, SSL provider, and TLS version.
279
279
For Ciphers supported by the Oracle JRE, see the link:https://docs.oracle.com/en/java/javase/17/docs/specs/security/standard-names.html#jsse-cipher-suite-names[Oracle official documentation].
0 commit comments