Mobile Device Connector prerequisites - Linux

The following prerequisites must be met in order to install Mobile Device Connector on Linux:

A Database Server already installed and configured with a root account (a user account does not have to be created prior to installation, the installer can create the account).

An ODBC Driver for the connection to the database server (MySQL / MS SQL) installed on the computer. See the chapter ODBC installation and configuration.

note

Note

You should use unixODBC_23 package (not the default unixODBC) in order for the MDC to connect to the MySQL database without any issues. This is especially true for SUSE Linux.

note

Note

We recommend that you deploy your MDM component on a host device separate from the one ESET PROTECT Server is hosted on.

MDMCore installation file set as an executable.

chmod +x mdmcore-linux-x86_64.sh

After installation, verify that MDMCore service is running.

service eramdmcore status

We recommend that you use the latest OpenSSL version (1.1.1). The minimum supported version of OpenSSL is openssl-1.0.1e-30. There can be more versions of OpenSSL installed on one system in the same time. At least one supported version must be present on you system.

oYou can use the command openssl version to show current default version.

oYou can list all versions of OpenSSL present on your system. See the file names endings listed using the command sudo find / -iname *libcrypto.so*

oFedora Linux users should use compat-openssl10 package.

note

Note

If your MDM database on MySQL is too large (thousands of devices) the default innodb_buffer_pool_size value is too small. For more information on database optimizing see: https://dev.mysql.com/doc/refman/5.6/en/optimizing-innodb-diskio.html

Certificate requirements

You will need an SSL certificate in .pfx format for secure communication over HTTPS. We recommend that you use a certificate provided by a third-party Certification Authority. Self-signed certificates (including certificates signed by the ESET PROTECT CA) are not recommended because not all mobile devices let users accept self-signed certificates.

You need to have a certificate signed by CA and the corresponding private key, and utilize standard procedures (traditionally using OpenSSL), to merge those  into one .pfx file:
openssl pkcs12 -export -in certificate.cer -inkey privateKey.key -out httpsCredentials.pfx
This is the standard procedure for most servers which use SSL certificates.

For Offline installation, you will also need a Peer certificate (the Agent certificate exported from ESET PROTECT). Alternatively, you can use your custom certificate with ESET PROTECT.