TLS over HTTPS working; BOLT fails

[Jesse Hemingway]

I'm using a CA-issued SSL cert to secure both HTTPS and BOLT from a single Neo4j instance. Connections over HTTPS are working just fine, and the browser likes the cert. However, when connecting via the Bolt driver (1.0.2 for Node.js), I'm getting this error:

You are using TRUST_SIGNED_CERTIFICATES as the method to verify trust for encrypted  connections, but have not configured any trustedCertificates. You  must specify the path to at least one trusted X.509 certificate for this to work. Two other alternatives is to use TRUST_ON_FIRST_USE or to disable encryption by setting encrypted=false in your driver configuration.

Does anyone know why it would work with one and not the other? The certificates folder is obviously correct if HTTPS is working, and here are the other pertinent bit of my neo4j.conf file:

 

# Bolt connector

dbms.connector.bolt.type=BOLT

dbms.connector.bolt.enabled=true

dbms.connector.bolt.tls_level=REQUIRED

dbms.connector.bolt.address=0.0.0.0:7687 

Thanks for any insight.