Introduction
This guide describes Mideye Server 5 installation, upgrade and uninstall procedures for a
Prerequisites
Before executing the Mideye Server 5 installation package you need the following:
- An updated Linux RPM release
- An empty database on MariaDB or MySQL dedicated for Mideye.
Currently tested on following distributions.
- CentOS 7 – EL7
- MariaDB 10.2 or later
Firewall
For required firewall openings, please refer to the Firewall section of the Pre-install checklist. During initial server configuration, the communication between the Mideye Server and the secondary Mideye switch will be verified. The firewall opening between the them must be completed before it is possible to proceed with this part of the installation.
Installation Path
The Mideye Server installation folder is /opt/mideyeserver/.
EL7 Specific Installation
Install MariaDB – EL7
Install MariaDB with following command.
yum -y install mariadb-server
To start MariaDB and enable it after reboot in. Run following commands.
systemctl enable mariadb
systemctl start mariadb
MariaDB configuration – EL7
Remove default databases and create a root user password. The root password is empty by default.
mysql_secure_installation
Create MideyeServer database and user for connecting to database.
mysql -uroot -p Enter password: <password you set in mysql_secure_installation> CREATE DATABASE MideyeServer_DB CHARACTER SET utf8mb4 COLLATE utf8mb4_swedish_ci; CREATE USER 'mideye'@'localhost' IDENTIFIED BY 'user_password'; GRANT ALL PRIVILEGES ON MideyeServer_DB.* TO 'mideye'@'localhost'; FLUSH PRIVILEGES;
Mideye Server 5 Installation – EL7
!Alert! Since Mideye Server 5.4.3 the new packages are available in the “final” repository folder, instead of “release”. Please use the configuration documented below for the file mideye.repo to install Mideye Server 5.4.3 and later.
Create /etc/yum.repos.d/mideye.repo
and add following config
EL7 repository
[Mideye-release] name=MideyeServer 5 release repository. baseurl=http://yum.mideye.se/el7/final gpgkey=http://www.mideye.se/RPM-GPG-KEY-pmanager gpgcheck=1
Save the file.
Install Mideye Server with following command.
yum -y install mideyeserver
Edit /opt/mideyeserver/config/application-prod.yml
with the correct database, username and password. The example below contains the settings from MariaDB configuration commands above. (The yml file is dependent on correct line indents so don’t change the indents.)
url: jdbc:mariadb://localhost:3306/MideyeServer_DB
username: mideye
password: user_password
To start the Mideye Server 5 and enable it after reboot in CentOS7 / EL7 run following command.
systemctl enable mideyeserver
systemctl start mideyeserver
Pre-configuration checks
Firewall
For required firewall openings, please refer to the Firewall section of the Pre-install checklist. During initial server configuration, the communication between the Mideye Server and the secondary Mideye switch will be verified. This firewall opening must be completed before it is possible to proceed with the installation.
Mideye Server 5 is by default listening on port TCP/8443 and UDP/1812.
To open TCP 8443 and UDP 1812 on centos 7 run following commands if the local zone is public.
firewall-cmd --get-active-zones firewall-cmd --zone=public --permanent --add-port=8443/tcp firewall-cmd --zone=public --permanent --add-port=1812/udp firewall-cmd --reload
Installation Path
The Mideye Server installation folder is /opt/mideyeserver/.
If a connection to the Mideye Server Web GUI fails, verify that the MideyeServer service is running on the Mideye Server and the firewall port is open. See the section Troubleshooting for further troubleshooting.
Initial server configuration
The first time browsing to Mideye Web GUI, two options will be presented:
Create a new clean Mideye Server 5
Selecting “New” will give the option to configure a new server, with no imported settings.
Import settings from Mideye Server 4
As an option, settings from an existing Mideye Server release 4 can be imorted. See the section Import wizard for further details.
New installation
The following section will show a new installation of Mideye Server 5. Before proceeding, make sure to have the customer-specific TCP port available. Contact support@mideye.com for further information.


To protect the web interface from unauthorized access, a challenge from the Mideye Server logs must be fetched before proceeding. This challenge is located in /opt/mideyeserver/log/mideyeserver.log and can only be accessed by local administrators.


Enter the customer-specific TCP port obtained from Mideye Support. The Web GUI will automatically try to connect to secondary public Mideye Service based on the TCP port provided, and the connection must be established before proceeding. DNS records are used for accessing this service (secondary.mideye.com), and if no DNS is available on the Mideye Server the IP address can be added manually using the “Show advanced settings”. Replace the hostnames with the following IP addresses:
- primary.mideye.com : 217.151.192.84
- secondary.mideye.com: 79.136.112.54
If no connection can be established, make sure that no firewalls are blocking the TCP-traffic between the Mideye Server and Mideye’s public secondary service. For further troubleshooting, contact support@mideye.com.
When the “Connection to Secondary Mideye Switch is valid” shows up with a green bar, select “Continue”.
Be advised, that during a new installation, the Mideye Server will only be able to contact secondary.mideye.com. The firewall opening to primary.mideye.com will first take place after traffic has been sent from the customers Mideye Server to secondary.mideye.com. This will take a few days to complete. During this time, the installation can be completed and traffic will be handled by secondary.mideye.com.

The next step of the initial server configuration will add an LDAP profile for searching user accounts. This step is optional and by clicking “Skip,” this step can be ignored.
- Give the LDAP profile a friendly name and choose “LDAP Server Type”. Add the IP or the hostname of the LDAP server and specify which port to use.
- The Mideye server needs a service account with read permissions to the LDAP catalog. The account can be specified with DN or with UPN.
- Check the LDAPS box if TLS protection should be used. Make sure to select the correct port if enabled. Click “Fetch certificate” to import the certificate.
- Add the search base of the LDAP directory. This must be specified in DN-format.
Click

Final step is to add a RADIUS client. This step is optional and can also be done later.
- Give the RADIUS client a friendly name.
- Specify an IP or hostname of the client.
- Add a shared secret for the RADIUS client.

Review the configuration and click “Finish Setup”

Once the post-installation is done, simply login to the Web GUI using the root account. For further configuration of the Mideye Server, see
Import wizard
It is not possible to directly upgrade from Mideye Server 4 to Mideye Server 5, but there is an option to migrate configuration data with the import wizard. The import will also include the last 100 000 login statistics and accounting entries from the last year. It is recommended to keep a backup of the old R4 database if older statistics and accounting data must be retained.
Before proceeding, make sure you have the following information available:
- IP or hostname of the old SQL-server
- Name of the database
- Credentials with read access to the database
- Mideye Server 5 must be able to contact the Mideye Server 4 database



To protect the web interface from unauthorized access, a challenge from the Mideye Server logs must be fetched before proceeding. This challenge is located in%installdir%\log\mideyeserver.log and can only be accessed by local administrators.

Select what kind of database that should be used to migrate the settings to Mideye Server 5.
- Enter the IP or the hostname of the old Mideye Servers database
- Enter the port used by the old database
- Enter instance (if applicable)
- Enter domain if Windows account is used
- Enter Database name
- Enter
username and password
Click Continue to connect to the database.
Note that this wizard will only work with release 4.6.5 and above. If an older version is installed,

Review configuration data that will be imported.

Progress bars will show the import status. The current version (5.0) might not show the bars in all web browsers. If that’s the case, make sure the migration is completed by

Upgrade
If a previous version of R5 is already installed, you can run
Note that upgrade from releases prior to R5 will not work. Please refer to the Import wizard section for
Backup
Before proceeding with an upgrade, take a backup of the Mideye Server file system and the Mideye database. Some files containing customized settings may need to be replaced after the update.
Mideye Server file system
To take a backup of the Mideye Server, copy or compress the whole Mideye Server installation directory. The default directory is:
/opt/mideyeserver
Database
To take a backup of the Mideye Server database on MySQL, run the following command:
# mysqldump -u[username] -p[password] [database name] > mideye_backup.sql
where [username]/[password] are the database login credentials.
Upgrade Mideye Server 5
Note: To execute the installation/upgrade package, local administrator
!Alert! Since Mideye Server 5.4.3 the new packages are available in the “final” repository folder, instead of “release”. Please use the configuration documented below for the mideye.repo file to upgrade/install Mideye Server 5.4.3 and later.
Depending on if the Mideye Server is installed on EL6 or EL7 the midye.repo file is configured differently.
Edit /etc/yum.repos.d/mideye.repo
and enter either the EL6 (CentOS 6) or EL7 (CentOS 7) configuration.
EL6 repository
[Mideye-release] name=MideyeServer 5 release repository. baseurl=http://yum.mideye.se/el6/final gpgkey=http://www.mideye.se/RPM-GPG-KEY-pmanager gpgcheck=1
EL7 repository
[Mideye-release] name=MideyeServer 5 release repository. baseurl=http://yum.mideye.se/el7/final gpgkey=http://www.mideye.se/RPM-GPG-KEY-pmanager gpgcheck=1
To update the Mideye Server run:
yum update mideyeserver -y
After the Mideye Server is updated restart the Mideye Server service.
systemctl restart mideyeserver
Uninstall
If the latest version of the Mideye Server is already installed, running yum remove mideyeserver remove it. Removing the Mideye Server keeps the database, configuration and log files intact. These can be removed manually.
Change database configuration
In same cases the databases must be changed. Follow the instructions below:
Open configuration.yml as an administrator located in /Mideye Server 5/config. Navigate to database section (example below) and change the output to fit the new database.
driver: net.sourceforge.jtds.jdbc.Driver url: jdbc:jtds:sqlserver://localhost:1433/mideye;domain=mideye.com;prepareSQL=2;useNTLMv2=true username: "username" password: "password"
Save and restart the Mideye Service.
Corrupt keystore when reinstalling same version
When uninstalling Mideye Server and reinstalling the same version, the keystore must be manually removed before installing the Mideye Server again.
After a successful uninstall, navigate to /Mideye Server 5/Config/ and remove the keystore.p12. Once removed, the same version of Mideye Server can be installed again.
Configuration
For further configuration of the Mideye Server, please refer to the
Reference guide .
Troubleshooting
A list of the most common problems is listed below. If the Mideye Server service fails to start after installation, look for error messages in the log file located in %installdir%\log\mideyeserver.log
Error message: Failed to startup Mideye Server: [failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.]
Invalid password provided for the PFX certificate imported during installation. Open /opt/mideyeserver/config/configuration-prod.yml as a local administrator and change the key passphrase. Manually start the Mideye Server service from Services.
Error message: ERROR [XNIO-2 task-19] HikariPool: HikariPool-2 - Exception during pool initialization.java.sql.SQLException: Login failed for user 'user.name'.
This error message is due to invalid credentials to the SQL database. Verify the configuration in /opt/mideyeserver/config/configuration-prod.yml. Also, check the database log files. Manually start the Mideye Server service from Services.
Support Contact
Email: support@mideye.com
Phone: +46 (0)854514750