New to KubeDB? Please start here.

Reconfiguring TLS of Neo4j Database

This guide gives an overview of how KubeDB Ops-manager reconfigures TLS for a Neo4j database, including adding TLS, rotating certificates, updating issuer reference, and removing TLS through Neo4jOpsRequest.

Before You Begin

You should be familiar with Neo4j.
You should be familiar with Neo4jOpsRequest.

How Reconfiguring Neo4j TLS Works

The following diagram shows the TLS reconfiguration flow for a Neo4j database. Open the image in a new tab to see the enlarged version.

The process consists of the following steps:

A user creates a Neo4j Custom Resource.
KubeDB Provisioner reconciles the database and creates required workloads and secrets.
To update TLS settings, the user creates a Neo4jOpsRequest with spec.type: ReconfigureTLS.
KubeDB Ops-manager watches the Neo4jOpsRequest and validates the spec.tls fields.
Ops-manager temporarily pauses conflicting reconciliation for the target database.
It applies the requested TLS action (add/update via issuerRef, rotate via rotateCertificates, or disable via remove).
It rolls/restarts the required pods so updated TLS configuration is picked up.
After successful checks, Ops-manager marks the request Successful and resumes normal reconciliation.

In the next guide, we show the step-by-step workflow for each TLS reconfiguration operation.

Next Step

Follow: Reconfigure TLS in Neo4j.

KubeDB Operator

KubeDB Platform

Internal DBaaS for platform teams

Automate database operations with GitOps

Multi-tenant database infrastructure

White-labeled DBaaS offering

Run DBaaS in secure, offline clusters

IBM DB2

MariaDB

Microsoft SQL Server

MySQL

Oracle

Percona XtraDB

PostgreSQL

SAP HanaDB

Cassandra

DocumentDB

MongoDB

Hazelcast

Ignite

Memcached

Redis

Valkey

Elasticsearch

OpenSearch

Solr

Kafka

RabbitMQ

ClickHouse

Druid

SingleStore

Milvus

Qdrant

Weaviate

Neo4j

PgBouncer

Pgpool

ProxySQL

ZooKeeper

Amazon EKS

Google GKE

Microsoft AKS

Red Hat OpenShift

SUSE Rancher

Nutanix Kubernetes Platform

Mirantis Kubernetes Engine

VMware vSphere Kubernetes Service

Alliance Partners

Channel Partners

Managed Service Providers

Operator Documentation

Platform Documentation

Orange Telecom powers its digital future with KubeDB

10× lower costs. 2× faster performance. All with KubeDB.

White-label DBaaS live in 1 month — serving 20,000+ customers

Deploy Cassandra via Kubernetes Cassandra Operator

How to Deploy ClickHouse via Kubernetes ClickHouse Operator

Deploy Memcached using Kubernetes Memcached Operator

Blog

ClickHouse Ops Requests - Day 2 Lifecycle Management for ClickHouse Using KubeDB (Part-2)

Provision and Manage Milvus on Kubernetes using KubeDB

Provision and Manage Weaviate on Kubernetes using KubeDB

Provision and Manage Qdrant on Kubernetes using KubeDB

Videos