Access from AWS resources

Having trouble connecting to an AWS instance that's running neo4j. I'm running Community Edition 3.3.9, trying to run cartography (recently open-sourced from Lyft) which requires that specific version.

I've opened up ports: 7473, 7474 and 7687 to the world on this machine, which has a public DNS name

I've updated conf/neo4j.conf with the following (and restarted the process a few times)

dbms.connector.https.address=0.0.0.0:7473
dbms.connector.https.listen_address=0.0.0.0:7473
dbms.connector.bolt.address=0.0.0.0:7687
dbms.connector.bolt.listen_address=0.0.0.0:7687

I'm on Chrome, and needed to "proceed with caution to an untrusted site" to view the browser page, but now that works - it asks me to sign in.

When I try to sign in, I get:
ServiceUnavailable: WebSocket connection failure. Due to security constraints in your web browser, [...]

which after some googling and stackingoverflow, suggested it might be because bolt:7687 isn't also untrusted-but-allowed, so I tried going to: {public_dns}:7687 and all I get is:
not a WebSocket handshake request: missing upgrade

I've tried both with http and https; if I try with bolt then chrome thinks it's a local file; so maybe I'm missing something.

Any help would be greatly appreciated - I'm trying to piece it together from various disparate results, spread across neo4j official documentation, forum posts, and outside sources, none of which seem very comprehensive for how to enable/access neo4j remotely.

I think it is because it tries to access via https and then also encrypted bolt.

Best to get a certificate for your server so that it doesn't use the self-signed certs anymore