Skip to content

Configure Database for Mideye: MySQL, MariaDB, MSSQL

Mideye Server stores all data in a single relational database. Choose one of the supported engines below and configure the application-prod.yml file.

| Engine | JDBC driver shipped | Default port | Typical OS | |---|---|---|---| | MariaDB 10.5 + | mariadb-java-client | 3306 | Linux | | MySQL 8.0 + | mariadb-java-client (compatible) | 3306 | Linux | | Microsoft SQL Server 2016 – 2025 | mssql-jdbc | 1433 | Windows |

For supported database versions, see the Preinstall checklist.


| OS | Path | |---|---| | Linux | /opt/mideyeserver6/config/application-prod.yml | | Windows | C:\Program Files (x86)\Mideye Server 6\config\application-prod.yml |


CREATE DATABASE mideyeserver
CHARACTER SET utf8mb4
COLLATE utf8mb4_unicode_ci;
CREATE USER 'mideye'@'localhost' IDENTIFIED BY 'your_strong_password';
GRANT ALL PRIVILEGES ON mideyeserver.* TO 'mideye'@'localhost';
FLUSH PRIVILEGES;

If the database is on a different host, replace 'mideye'@'localhost' with 'mideye'@'%' or 'mideye'@'10.0.0.0/255.255.255.0' to restrict access to a specific subnet.

spring:
datasource:
type: com.zaxxer.hikari.HikariDataSource
url: jdbc:mariadb://localhost:3306/mideyeserver
username: mideye
password: 'your_strong_password'
hikari:
initializationFailTimeout: 3600000
data-source-properties:
cachePrepStmts: true
prepStmtCacheSize: 250
prepStmtCacheSqlLimit: 2048
useServerPrepStmts: true
max-lifetime: 600000
jpa:
liquibase:
contexts: prod

MySQL 8+ enforces SSL by default. If the database server uses a self-signed certificate (common in development), add ?sslMode=trust to the URL:

url: jdbc:mariadb://db.example.com:3306/mideyeserver?sslMode=trust

For production, prefer sslMode=verify-full with a properly signed certificate.


Step-by-step: Change database configuration

Section titled “Step-by-step: Change database configuration”
  1. Stop Mideye Server

    Terminal window
    Stop-Service "Mideye Server 6"
  2. Back up the current configuration

    Terminal window
    Copy-Item "C:\Program Files (x86)\Mideye Server 6\config\application-prod.yml" `
    "C:\Program Files (x86)\Mideye Server 6\config\application-prod.yml.bak"
  3. Edit application-prod.yml

    Update the spring.datasource section using the examples above.

    Open as Administrator:

    C:\Program Files (x86)\Mideye Server 6\config\application-prod.yml
  4. Start and validate

    Start the service and watch the log to catch errors immediately.

    PowerShell's Get-Content -Wait works like Linux tail -f: it streams new lines as they are written:

    Terminal window
    Start-Service "Mideye Server 6"
    Get-Content "C:\Program Files (x86)\Mideye Server 6\log\mideyeserver.log" -Wait -Tail 50

    Press Ctrl+C to stop following the log.

    Look for Started MideyeServerApp in the log. If the database connection fails, the error appears within the first few seconds.


| Scenario | URL | |---|---| | Local, default port | jdbc:mariadb://localhost:3306/mideyeserver | | Remote host | jdbc:mariadb://db.example.com:3306/mideyeserver | | Self-signed SSL | jdbc:mariadb://db.example.com:3306/mideyeserver?sslMode=trust | | Verified SSL | jdbc:mariadb://db.example.com:3306/mideyeserver?sslMode=verify-full |

| Scenario | URL | |---|---| | SQL auth, local | jdbc:sqlserver://localhost:1433;databaseName=mideyeserver;trustServerCertificate=true | | SQL auth, remote | jdbc:sqlserver://db.example.com:1433;databaseName=mideyeserver;trustServerCertificate=true | | Named instance | jdbc:sqlserver://localhost\MSSQLSERVER;databaseName=mideyeserver;trustServerCertificate=true | | Windows auth (NTLM) | jdbc:sqlserver://localhost:1433;databaseName=mideyeserver;integratedSecurity=true;authenticationScheme=NTLM;useNTLMv2=true;user=PLACEHOLDER_DO_NOT_CHANGE_OR_REMOVE;password=PLACEHOLDER_DO_NOT_CHANGE_OR_REMOVE;trustServerCertificate=true | | AD domain login | jdbc:sqlserver://sqlserver.corp.example.com:1433;databaseName=mideyeserver;encrypt=true;trustServerCertificate=true;authenticationScheme=NTLM;domain=corp.example.com | | Encrypted connection | jdbc:sqlserver://db.example.com:1433;databaseName=mideyeserver;encrypt=true;trustServerCertificate=false |


| OS | Log directory | |---|---| | Linux | /opt/mideyeserver6/log/ | | Windows | C:\Program Files (x86)\Mideye Server 6\log\ |

Tail the log while starting the service to see database errors in real time:

Terminal window
# Windows (PowerShell): equivalent of Linux "tail -f"
Get-Content "C:\Program Files (x86)\Mideye Server 6\log\mideyeserver.log" -Wait -Tail 100 | Select-String -Pattern "error|exception|datasource|hikari"
Terminal window
# Linux
tail -f /opt/mideyeserver6/log/mideyeserver.log | grep -i -E "error|exception|datasource|hikari"
Section titled “Communications link failure (MariaDB / MySQL)”
com.mysql.cj.jdbc.exceptions.CommunicationsException: Communications link failure

Cause: The database server is unreachable, wrong host/port, firewall, or the service is not running.

Fix:

  1. Verify the database is running: systemctl status mariadb or systemctl status mysql
  2. Test connectivity: mysql -h localhost -u mideye -p mideyeserver
  3. Check firewall rules for port 3306

java.sql.SQLException: Access denied for user 'mideye'@'localhost' (using password: YES)

Cause: Wrong username, password, or the user does not have access to the database.

Fix:

  1. Verify the password in application-prod.yml is enclosed in single quotes
  2. Test manually: mysql -u mideye -p -D mideyeserver
  3. Re-grant privileges if needed:
    GRANT ALL PRIVILEGES ON mideyeserver.* TO 'mideye'@'localhost';
    FLUSH PRIVILEGES;

java.sql.SQLSyntaxErrorException: Unknown database 'mideyeserver'

Cause: The database does not exist or the name is misspelled in the URL.

Fix:

  1. Verify the database exists: SHOW DATABASES;
  2. Create it if missing (see the creation commands above)
  3. Check for case-sensitivity issues, use the exact name from SHOW DATABASES

Public Key Retrieval is not allowed (MySQL 8)

Section titled “Public Key Retrieval is not allowed (MySQL 8)”
java.sql.SQLNonTransientConnectionException: Public Key Retrieval is not allowed

Cause: MySQL 8 uses caching_sha2_password by default and refuses to send the public key over an unencrypted connection.

Fix: Add ?sslMode=trust to the JDBC URL (the MariaDB JDBC driver handles this parameter):

url: jdbc:mariadb://localhost:3306/mideyeserver?sslMode=trust

The driver could not establish a secure connection to SQL Server (MSSQL)

Section titled “The driver could not establish a secure connection to SQL Server (MSSQL)”
com.microsoft.sqlserver.jdbc.SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption.

Cause: SQL Server 2022+ enforces encrypted connections but the server uses a self-signed certificate that the JDBC driver does not trust.

Fix: Add trustServerCertificate=true to the URL:

url: jdbc:sqlserver://localhost:1433;databaseName=mideyeserver;trustServerCertificate=true

com.microsoft.sqlserver.jdbc.SQLServerException: Login failed for user 'mideye'.

Cause: Wrong credentials, the login does not exist, or the user is not mapped to the database.

Fix:

  1. Verify the login exists in SQL Server: SELECT name FROM sys.server_principals WHERE name = 'mideye';
  2. Verify the user is mapped: USE mideyeserver; SELECT name FROM sys.database_principals WHERE name = 'mideye';
  3. Re-create if needed (see the creation commands above)

java.sql.SQLException: Incorrect string value: '\xC3\xA4...' for column 'username'

or conversion errors like Cannot convert from utf8mb4 to latin1.

Cause: The database or individual tables were created with a different character set (often latin1) than what the JDBC connection expects (utf8mb4). This happens when:

  • The database was created without specifying CHARACTER SET utf8mb4
  • An older MySQL/MariaDB installation defaulted to latin1
  • Liquibase migrations create tables without explicit character set, they inherit the database default

Diagnose: Check the current character set and collation of the database and affected table:

-- Check database defaults
SELECT DEFAULT_CHARACTER_SET_NAME, DEFAULT_COLLATION_NAME
FROM INFORMATION_SCHEMA.SCHEMATA
WHERE SCHEMA_NAME = 'mideyeserver';
-- Check a specific table
SELECT TABLE_NAME, TABLE_COLLATION
FROM INFORMATION_SCHEMA.TABLES
WHERE TABLE_SCHEMA = 'mideyeserver' AND TABLE_NAME = 'blocked_attempts';

Fix: Convert the database and all affected tables to the correct character set.

For MySQL 8:

ALTER DATABASE mideyeserver
CHARACTER SET utf8mb4
COLLATE utf8mb4_0900_ai_ci;
-- Convert each affected table (repeat for each table with wrong collation)
ALTER TABLE blocked_attempts
CONVERT TO CHARACTER SET utf8mb4
COLLATE utf8mb4_0900_ai_ci;

For MariaDB:

ALTER DATABASE mideyeserver
CHARACTER SET utf8mb4
COLLATE utf8mb4_unicode_ci;
ALTER TABLE blocked_attempts
CONVERT TO CHARACTER SET utf8mb4
COLLATE utf8mb4_unicode_ci;

Faster debugging with initializationFailTimeout

Section titled “Faster debugging with initializationFailTimeout”

The default initializationFailTimeout is 3600000 (60 minutes), Mideye Server will retry the connection for up to an hour before giving up. While debugging, temporarily lower this to see errors faster:

hikari:
initializationFailTimeout: 10000

Remember to restore the original value (3600000) after the issue is resolved.


To migrate from one database engine to another:

  1. Back up your current database and application-prod.yml
  2. Install and configure the new database engine
  3. Create the mideyeserver database on the new engine
  4. Update application-prod.yml with the new connection settings
  5. Restart Mideye Server and verify the log output