Pre-install checklist

Before you begin the installation process, we recommend that you work through this checklist to verify that your infrastructure meets our minimum requirements and is configured correctly. It is possible to host multiple services on the same machine (For security reasons we recommend to host each service on a separate machine). For example, if Relution and the reverse proxy (nginx) are installed on the same machine, the server used to run Relution and the server used to run nginx refer to the same physical machine. In this case the server has to fulfill the requirements of both services.

Hardware

The server used to run Relution meets or exceeds the following minimum specifications.

Requirement Fulfilled

2 GiB of RAM or more

At least 10 GiB of free disk space

1 network interface

2 CPU cores or more

Operating system

The server used to run Relution uses a recommended operating systems and the operating system’s version meets or exceeds the minimum supported version.

Requirement Fulfilled

CentOS 7.4 or newer

RedHat Enterprise Linux (RHEL) 7.4 or newer

SUSE Linux Enterprise Server (SLES) 12 or newer

Windows Server 2008 R2 or newer

Latest (security) updates are installed

Database

The server used to run Relution has network access to a supported database server. This guide contains instructions on how to install MariaDB, if no database server is available at this time.

Requirement Fulfilled

MariaDB 10.3 or newer

Microsoft SQL Server 2008 or newer

MySQL 8.0 or newer

Latest (security) updates are installed

The Relution server can connect to the database server

Your user account can create a new database

Your user account can create new users

Automatic backups are configured

Network infrastructure

The server used to run the reverse proxy (nginx) is set up to host an Internet facing service. It has a public IP address and a public DNS name (e.g. “mdm.example.com”). If services are hosted on multiple internal servers, they can resolve each others host names.

The public IP address must be static. Dynamic IP addresses (aka dial-up) are not supported. Exception: The server is hosted by a cloud provider like Amazon Web Services (AWS) or Microsoft Azure which provide the necessary DNS infrastructure.

Requirement Fulfilled

Server has direct access to the internet

Server has a static public IP address

Server has a public DNS name

Internal DNS is working

Firewall configuration

Your firewall is set up to receive incoming HTTP(S) requests from mobile devices and web browsers.

Requirement Fulfilled

The reverse proxy is accessible via HTTP (80) from the Internet

The reverse proxy is accessible via HTTPS (443) from the Internet

Relution can connect to the Internet (80, 443, 2195, 2196, 5223)

Relution can connect to the SMTP server

Relution can connect to the database server

Optional:

Relution can connect to LDAP on port 389 or 636

Certificates

For HTTPS a valid SSL certificate from a well-known Certificate Authority (CA) is needed. Self signed certificates will not work, because mobile devices generally do not trust them. Certificates from Let’s Encrypt have been known to work. Be aware that older devices may not trust these certificates, as they were established as a CA fairly recently.

You can check W3Techs for a list of well-known certificate authorities based on market share and usage.

Requirement Fulfilled

You have a valid SSL certificate and key

You have a signed APNS certificate (only needed for iOS MDM)