Jump to content

Mobile Device Connector install in Linux


Kjetil
 Share

Recommended Posts

Hi,

I want to run the installation script mdmcore-linux-x86_64.sh on my server, but have no clue what to set for the "--https-cert-path" option ?

I can understand from the thread https://forum.eset.com/topic/5814-mdm-webserver-does-not-use-full-cert-chain/ that the agent cert found in the Security Management Center can be used, but how do I specify the path to that ?

 

 

Link to comment
Share on other sites

I have read the documentation in the link. I says that for "Server assisted installation", the installer will download required certificates automatically. I can see in ESMC under "Peer certificates" that there is an "agent certificate for server assisted installation". Still, I need to know the path for this in order to provide the installation command parameters. So, how do I find --https-cert-path= to the "agent certificate for server assisted installation" ?

Link to comment
Share on other sites

If others have the same problem, I found out how:

1. Log in to ESMC

2. Choose "More->Peer certificates"

3. Left click on "agent certificate for server assisted installation" and "Export"

4. Copy the cert to a location on the server, and rename it, like /etc/ssl/certs/agentcertcopy.pfx

5. use that path in the script: --https-cert-path="/etc/ssl/certs/agentcertcopy.pfx"

Link to comment
Share on other sites

  • ESET Staff

Hello

--https-cert-path is not Agent certificate but certificate used to communicate with devices.

Agent certificate does not have valid properties for this interface.

You can create valid https interface certificate in ESMC certificates when You select MDM product.

HTH

Link to comment
Share on other sites

Ah, Thanks for the clarification. I have replaced the peer certificate I downloaded from ESMC with a new pfx certificate from Letsencrypt.com. 

The mdmcore-linux-x86_64.sh script completes without errors. If I go to https://"myserver":9980 I get the message "MDC Server up and running!"

Still I can not select any Mobile Device connector in ESMC ? It's like if the ESMC and the MDM is not connected with eachother.

In the trace.log, I find the output below. Any idéa how to troubleshoot this ?

Quote

 

Configuration: Cannot parse APNS cert, iOS enrollment and push notifications will not work
2019-02-21 09:01:01 E [140378738026240] ModSslCertTools: P12 verification failed with error: unable to get local issuer certificate
2019-02-21 09:01:01 W [140378738026240] MultiAgentOverloadReporter: Reporting OK, with 0 out of 200 last connections unsuccessful.
2019-02-21 09:01:01 I [140378738026240] Logging to directory /var/log/eset/RemoteAdministrator/MDMCore/Proxy/
2019-02-21 09:01:06 W [140378430752512] Module Update: Perform Update: ignore module update, no license.
2019-02-21 09:01:11 S [140378413967104] Status:
 Version: 7.0.520.0
 AdminConnector: Connected: false
 CertManager: no change in progress
 AgentConnector: Attempted connections: 0 Completed connections: 0 Clean disconnections: 0
 AgentManager: Total active agents: 0 Agents rotated since last report: 0
 AsioTcpInstance.Count: 0
 HTTP (enrollment): Attempted connections: 0
 HTTP (mdm): Attempted connections: 0

2019-02-21 09:01:21 W [140378447537920] Configuration: APNS Certificate was empty.
2019-02-21 09:02:01 E [140378558600960] ConnectionPool: No module is subscribed for message EventLog_QOS_DATABASE_EVENT (10107)
2019-02-21 09:06:12 E [140377885488896] AdminConnector: Unable to send message(s), Pending: 4 Reason: Not connected

 

Edited by Kjetil
Link to comment
Share on other sites

  • ESET Staff

Hello,

Part of information is sent via management Agent which must be installed on same device as MDM. I assume you did not install it as AdminConnector has pending messages.

HTH

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...