fix: PROXY_VALIDATE_SSL = False by default on Neo4j proxy (amundsen-i…

…o#142) * PROXY_ENCRYPTED = False by default on Neo4j proxy * Update * Update
benrifkind · Jun 10, 2020 · 3c0149c · 3c0149c
1 parent fe3335e
commit 3c0149c
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 3 deletions.
diff --git a/metadata_service/config.py b/metadata_service/config.py
@@ -33,9 +33,13 @@ class Config:
 
     PROXY_USER = os.environ.get('CREDENTIALS_PROXY_USER', 'neo4j')
     PROXY_PASSWORD = os.environ.get('CREDENTIALS_PROXY_PASSWORD', 'test')
+
     PROXY_ENCRYPTED = True
     """Whether the connection to the proxy should use SSL/TLS encryption."""
-    PROXY_VALIDATE_SSL = True
+
+    # Prior to enable PROXY_VALIDATE_SSL, you need to configure SSL.
+    # https://neo4j.com/docs/operations-manual/current/security/ssl-framework/
+    PROXY_VALIDATE_SSL = False
     """Whether the SSL/TLS certificate presented by the user should be validated against the system's trusted CAs."""
 
     IS_STATSD_ON = False

diff --git a/metadata_service/proxy/neo4j_proxy.py b/metadata_service/proxy/neo4j_proxy.py
@@ -49,7 +49,7 @@ def __init__(self, *,
                  password: str = '',
                  num_conns: int = 50,
                  max_connection_lifetime_sec: int = 100,
-                 encrypted: bool = True,
+                 encrypted: bool = False,
                  validate_ssl: bool = False) -> None:
         """
         There's currently no request timeout from client side where server

diff --git a/setup.py b/setup.py
@@ -2,7 +2,7 @@
 
 from setuptools import setup, find_packages
 
-__version__ = '2.5.2'
+__version__ = '2.5.3'
 
 
 requirements_path = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'requirements.txt')