How to use bolt protocol in java to directly execute cypher query in AWS Neptune Service


I am following the following article to query cypher query on the Neptune instance:- Cypher Using Bolt

I want to execute the cypher query directly on the AWS Neptune Instance without translating it to the gremlin.

Following is the error I am getting, despite following the code as shown in the documentation.

""" Exception in thread "main" org.neo4j.driver.exceptions.ServiceUnavailableException: Failed to establish connection with the server at org.neo4j.driver.internal.util.Futures.blockingGet(

Caused by: not an SSL/TLS record: 485454502f312e31203430302042616420526571756573740d0a5365727665723a20617773656c622f322e30 (trimmed) """

I am also putting the sample java code for your reference:-

public class TestImpl {

    private static final String ACCESS_KEY = "XYZ";

    private static final String SECRET_KEY = "ABC";

    private static final String SERVICE_REGION = "AAAA";

    private static final Gson GSON = new Gson();

    public static void main(String[] args) {

        String URL = "bolt://URL:PORT";
        final Driver driver =
            GraphDatabase.driver(URL, AuthTokens.basic("username", getSignedHeader()), getDefaultConfig());

        String query = "MATCH (ruleSet:RULE_SET) " +

            "WHERE ruleSet.refId = \"aws-iam-best-practices\" " +

            "RETURN ruleSet.refId as refId, as name, collect(ruleSet.ruleIds) as ruleIds";


        final Record rec = driver.session().run(query).list().get(0);



    private static Config getDefaultConfig() {
        return Config.builder()
            .withConnectionTimeout(30, TimeUnit.SECONDS)

    private static String getSignedHeader() {
        // If you are using permanent credentials, use the BasicAWSCredentials access key and secret key
        final BasicAWSCredentials permanentCreds = new BasicAWSCredentials(ACCESS_KEY, SECRET_KEY);
        final AWSCredentialsProvider creds = new AWSStaticCredentialsProvider(permanentCreds);

        // Or, if you are using temporary credentials, use the BasicSessionCredentials to
        // pass the access key, secret key, and session token, like this:
        //   final BasicSessionCredentials temporaryCredentials = new BasicSessionCredentials(ACCESS_KEY, SECRET_KEY, AWS_SESSION_TOKEN);
        //   final AWSCredentialsProvider tempCreds = new AWSStaticCredentialsProvider(temporaryCredentials);

        String signedHeader = "";

        final Request<Void> request = new DefaultRequest<Void>("neptune-db"); // Request to neptune

        // Comment out the following line if you're using an engine version older than

        final AWS4Signer signer = new AWS4Signer();
        signer.sign(request, creds.getCredentials());
        signedHeader = getAuthInfoJson(request);

        return signedHeader;

    private static String getAuthInfoJson(final Request<Void> request) {
        final Map<String, Object> obj = new HashMap<>();
        obj.put("Authorization", request.getHeaders().get("Authorization"));
        obj.put("HttpMethod", request.getHttpMethod());
        obj.put("X-Amz-Date", request.getHeaders().get("X-Amz-Date"));
        obj.put("Host", request.getEndpoint().getHost());

        // If temporary credentials are used, include the security token in
        // the request, like this:
        //   obj.put("X-Amz-Security-Token", request.getHeaders().get("X-Amz-Security-Token"));

        final String json = GSON.toJson(obj);
        return json;

Please guide me on what is my mistake in this process. Thanking you in advance for it :).

asked a year ago161 views
1 Answer

Hi! It looks like you are trying to use IAM authentication but not following the correct steps for that. BOLT is complaining because the connect is requiring TLS but you aren't hitting a TLS endpoint. Try looking at the example for connecting with IAM here ( and see if that helps.

profile pictureAWS
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions