Configure Mideye After Installation — Database & Port

After installing the Mideye Server package, you need to configure the database connection and verify the server port before starting the service and running the web-based Configuration Wizard.

Configuration overview

Step	What	Where
1	Configure the database	application-prod.yml
2	Verify the server port	application-prod.yml
3	Start the service and check logs	Terminal / Services
4	Verify firewall access	Network / browser
5	Find the setup challenge	Server log
6	Complete the Configuration Wizard	Web browser

---

Configuration file

All server settings live in application-prod.yml. This file is read on startup and overrides internal defaults.

Platform	Path
Windows	C:\Program Files (x86)\Mideye Server 6\config\application-prod.yml
RHEL / Rocky / Alma	/opt/mideyeserver6/config/application-prod.yml
Debian / Ubuntu	/opt/mideyeserver6/config/application-prod.yml

Tip: Back up this file before making changes. After editing, restart the service for changes to take effect.

---

Step 1: Configure the database

Mideye Server needs a database connection to start. The installer may have configured this during installation (Windows with SQL Server), but for Linux installs or MySQL/MariaDB you must set this manually.

Open application-prod.yml and locate the spring.datasource section:

MariaDB (Linux default)

spring:
  datasource:
    url: jdbc:mariadb://localhost:3306/MideyeServer
    username: mideye
    password: your_secure_password

MySQL

spring:
  datasource:
    url: jdbc:mysql://localhost:3306/MideyeServer?sslMode=TRUST
    username: mideye
    password: your_secure_password

SQL Server

spring:
  datasource:
    url: jdbc:sqlserver://localhost:1433;databaseName=MideyeServer;encrypt=true;trustServerCertificate=true
    username: mideye
    password: your_secure_password

Key settings:

Property	Description
url	JDBC connection string — set hostname, port, and database name
username	Database user with full permissions on the Mideye database
password	Database user password

Caution

The database and user must exist before starting the service. Mideye Server creates its own tables (via Liquibase) on first startup, but it does not create the database itself.

---

Step 2: Verify the server port

The web interface port is set in the server section of application-prod.yml:

Linux (default: 8443)

server:
  port: 8443
  ssl:
    key-store: /opt/mideyeserver6/config/keystore.p12
    key-store-password: "AUTOGENERATED_KEYSTORE_PASSWORD"
    key-alias: webadmin
    enabled: true

Windows (set during install)

server:
  port: 443
  ssl:
    key-store: C:\Program Files (x86)\Mideye Server 6\config\keystore.pfx
    key-store-password: "AUTOGENERATED_KEYSTORE_PASSWORD"
    enabled: true
    key-alias: webadmin

Change port if the default conflicts with another application on the same server. Common alternatives: 443, 8443, 9443.

Note

Both installers generate a self-signed TLS certificate and keystore automatically during installation. On Linux, the password is written directly into application-prod.yml. On Windows, the MSI installer sets the keystore path and password.

For production, replace the self-signed certificate with one signed by your organization’s CA or a public CA.

---

Step 3: Start the service

After configuring the database and port, start the service and verify it starts without errors.

Linux (systemd)

sudo systemctl enable mideyeserver6
sudo systemctl start mideyeserver6

Check the log for startup messages:

tail -f /opt/mideyeserver6/log/mideyeserver.log

Windows

Open Services (services.msc), find Mideye Server 6, and start it.

Check the log:

C:\Program Files (x86)\Mideye Server 6\log\mideyeserver.log

A successful startup shows:

----------------------------------------------------------
    Application 'MideyeServer' is running! Access URLs:
    Local:      https://localhost:8443/
    External:   https://10.20.30.11:8443/
    Profile(s): [prod]
----------------------------------------------------------

If the server fails to start, check for:

Symptom	Likely cause
Connection refused or Communications link failure	Database not running, wrong host/port, or wrong credentials
Access denied for user	Wrong database username or password
Unknown database	Database does not exist — create it first
Address already in use	Another service is using the configured port
Keystore was tampered with	Wrong keystore password

---

Step 4: Verify firewall access

Before you can reach the web interface, ensure these ports are open between your workstation and the Mideye Server:

Port	Protocol	Direction	Purpose
443 or 8443	TCP	Inbound	Web administration interface
1812	UDP	Inbound + Outbound	RADIUS authentication
Customer-specific port	TCP	Outbound	Mideye Switch connection

Quick test from your workstation:

Linux / macOS

curl -k https://your-server:8443/management/health

Windows (PowerShell)

Test-NetConnection -ComputerName your-server -Port 8443

A working connection returns {"status":"UP"} (or TcpTestSucceeded: True on Windows).

If the connection fails, check your OS firewall and any network firewalls between your workstation and the server. See Networking Requirements for the full port listing.

---

Step 5: Find the setup challenge

When Mideye Server starts for the first time without a configured root account, it generates a one-time setup challenge and logs it. You need this code to complete the Configuration Wizard.

Linux

grep "SETUP CHALLENGE" /opt/mideyeserver6/log/mideyeserver.log

Windows (PowerShell)

Select-String -Path "C:\Program Files (x86)\Mideye Server 6\log\mideyeserver.log" -Pattern "SETUP CHALLENGE"

You’ll see:

2024-01-15 09:18:45.498Z WARN  [main] SetupService: ************************************
2024-01-15 09:18:45.498Z WARN  [main] SetupService: ******* SETUP CHALLENGE: mmnsMuGFjJ
2024-01-15 09:18:45.498Z WARN  [main] SetupService: ************************************

Copy the challenge code — you’ll enter it in the next step.

Note

The challenge is regenerated every time the server starts while setup is incomplete. Always use the most recent value from the log.

---

Step 6: Configuration Wizard

Open a browser and navigate to:

https://<your-server>:<port>

The Configuration Wizard walks you through:

1. Setup challenge — Enter the code from the log
2. Root password — Create the initial administrator account
3. Switch connection — Connect to Mideye Switch for OTP delivery (or enable air-gapped mode)
4. LDAP profile (optional) — Connect to Active Directory or another directory
5. RADIUS client (optional) — Register your first VPN or firewall

→ Configuration Wizard — full walkthrough

---

After setup is complete

Once the wizard finishes, you have:

• ✅ Root administrator access to the web interface
• ✅ Connection to Mideye Switch (or air-gapped mode enabled)
• ✅ Server ready for directory and RADIUS configuration

Next steps

Task	Description
Add LDAP/AD profile	Connect your identity source for user lookup
Configure RADIUS clients	Add VPNs, firewalls, and applications
Set up authentication types	Enable SMS, Push, TOTP, or hardware tokens
Configure Mideye Shield	Protect against brute-force and MFA fatigue attacks