Skip to content

Make driver's default SSL context respect SSLKEYLOGFILE env var#1312

Draft
robsdedude wants to merge 2 commits into
neo4j:6.xfrom
robsdedude:feat/ssl-respect-sslkeylogfile-env-var
Draft

Make driver's default SSL context respect SSLKEYLOGFILE env var#1312
robsdedude wants to merge 2 commits into
neo4j:6.xfrom
robsdedude:feat/ssl-respect-sslkeylogfile-env-var

Conversation

@robsdedude
Copy link
Copy Markdown
Member

@robsdedude robsdedude commented Jun 3, 2026
edited
Loading

This aligns the driver with Python's ssl.create_default_context() behavior:

When keylog_filename is supported and the environment variable
SSLKEYLOGFILE is set, create_default_context() enables key logging.

-- https://docs.python.org/3.14/library/ssl.html#ssl.create_default_context

The same behavior could previously be achieved by passing a custom SSLContext. However, this is much more work. Supporting the env var SSLKEYLOGFILE is a common practice for software using SSL.

Closes: DRIVERS-442

robsdedude added 2 commits June 3, 2026 17:27
@robsdedude
Make driver's default SSL context respect SSLKEYLOGFILE env var
b342f2b 
This aligns the driver with Python's `ssl.create_default_context()` behavior:

> When `keylog_filename` is supported and the environment variable
> `SSLKEYLOGFILE` is set, `create_default_context()` enables key logging.
>
> -- https://docs.python.org/3/library/ssl.html#ssl.create_default_context

The same behavior could previously be achieved by passing a custom SSLContext.
However, this is much more work. Supporting the env var `SSLKEYLOGFILE` is a
common practice for software using SSL.
@robsdedude
Add documentation
197d6be
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@robsdedude