Mobile Device Connector prerequisites - Linux

The following prerequisites must be met in order to install Mobile Device Connector on Linux:

A Database Server already installed and configured with a root account (a user account does not have to be created prior to installation, the installer can create the account).

An ODBC Driver for the connection to the database server (MySQL / MS SQL) installed on the computer. See the chapter ODBC installation and configuration.

details_hoverNOTE

You should use unixODBC_23 package (not the default unixODBC) in order for the MDC to connect to the MySQL database without any issues. This is especially true for SUSE Linux.

details_hoverNOTE

We recommend that you deploy your MDM component on a host device separate from the one ESMC Server is hosted on.

MDMCore installation file set as an executable.

chmod +x MDMCore-Linux-x86_64.sh

After installation, verify that MDMCore service is running.

service mdmcore status

The minimum supported version of OpenSSL is openssl-1.0.1e-30. openssl-1.1.* and later is not supported. There can be more versions of OpenSSL installed on one system in the same time. At least one supported version must be present on you system.

oYou can use the command openssl version to show current default version.

oYou can list all versions of OpenSSL present on your system. See the file names endings listed using the command sudo find / -iname *libcrypto.so*

oFedora Linux users should use compat-openssl10 package.

details_hoverNOTE

If your MDM database on MySQL is too large (thousands of devices) the default innodb_buffer_pool_size value is too small. For more information on database optimizing see: https://dev.mysql.com/doc/refman/5.6/en/optimizing-innodb-diskio.html

Certificate requirements

You will need an SSL certificate in .pfx format for secure communication over HTTPS. We recommend that you use a certificate provided by a Certification Authority (ESMC CA or 3rd party CA). Self-signed certificates are not recommended because not all mobile devices let users to accept self-signed certificates. This is not an issue with CA signed certificates, because they are trusted and do not require acceptance by the user.

You need to have a certificate signed by CA (ESMC CA or a 3rd party CA), and the corresponding private key, and utilize standard procedures (traditionally using OpenSSL), to merge those  into one .pfx file:
openssl pkcs12 -export -in certificate.cer -inkey privateKey.key -out httpsCredentials.pfx
This is the standard procedure for most servers which use SSL certificates.

For Offline installation, you will also need a Peer certificate (the Agent certificate exported from ESET Security Management Center). Alternatively, you can use your custom certificate with ESMC.