I have just installed Neo4J Desktop on Windows and is unable to start any database. Inspecting the log C:\Users\mkharitonov.Neo4jDesktop\log.log reveals the root cause - UNABLE_TO_GET_ISSUER_CERT_LOCALLY with the following stack trace:
stack: 'RequestError: unable to get local issuer certificate\n' +
' at ClientRequest.<anonymous> (C:\\Users\\mkharitonov\\AppData\\Local\\Programs\\Neo4j Desktop\\resources\\app.asar\\node_modules\\got\\source\\request-as-event-emitter.js:178:14)\n' +
' at Object.onceWrapper (events.js:291:20)\n' +
' at ClientRequest.emit (events.js:208:15)\n' +
' at ClientRequest.EventEmitter.emit (domain.js:476:20)\n' +
' at ClientRequest.origin.emit (C:\\Users\\mkharitonov\\AppData\\Local\\Programs\\Neo4j Desktop\\resources\\app.asar\\node_modules\\@szmarczak\\http-timer\\source\\index.js:37:11)\n' +
' at TLSSocket.socketErrorListener (_http_client.js:399:9)\n' +
' at TLSSocket.emit (events.js:203:13)\n' +
' at TLSSocket.EventEmitter.emit (domain.js:476:20)\n' +
' at emitErrorNT (internal/streams/destroy.js:91:8)\n' +
' at emitErrorAndCloseNT (internal/streams/destroy.js:59:3)\n' +
' at processTicksAndRejections (internal/process/task_queues.js:77:11)'
And it makes sense. This is corporate network and we use ZScaler among other things. There are extra trusted certificates in the Windows Certificate Store.
However, Neo4J desktop seem to look for certificates somewhere else.
I can extract the required certificates in whatever format is needed, but I have no idea where to place them for the Neo4J Desktop to see them.
What should I do?
P.S.
I also posted the question here - https://stackoverflow.com/questions/66390088/desktop-1-4-1-on-windows-starting-any-database-immediately-fails-with-the-erro
EDIT 1
From looking around I understand the following:
- Neo4j Desktop uses Electron frontend.
- The Electron frontend uses electron.build package management system to keep itself up-to-date
- When I start a database, the frontend calls the auto updater (part of electron.build) to check the latest version. This code is unaware of the additional certificates that must be trusted.
As a result it blows up.
I could not find how to disable the auto updater or let it know of additional trusted certificates.