Zabbix Documentation 3.0

3.04.04.4 (current)| In development:5.0 (devel)| Unsupported:1.82.02.22.43.23.44.2Guidelines

User Tools

Site Tools


Sidebar

manual:installation:install:win_agent

This is an old revision of the document!


How to build Windows agent binaries with/without TLS

Compiling OpenSSL from sources on MS Windows 10 (64-bit)

  1. For compiling OpenSSL you will need on Windows machine:
    1. C compiler (e.g. VS 2017 RC),
    2. Perl (e.g. Strawberry Perl from http://strawberryperl.com/),
    3. Perl module Text::Template (cpan Text::Template).
  2. Get OpenSSL sources from https://www.openssl.org/. OpenSSL 1.1.1 is used here.
  3. Unpack OpenSSL sources, for example, in E:\openssl-1.1.1.
  4. Open a commandline window e.g. the x64 Native Tools Command Prompt for VS 2017 RC.
  5. Go to the OpenSSL source directory, e.g. E:\openssl-1.1.1.
    1. Verify that NASM can be found:
      e:\openssl-1.1.1> nasm --version
      NASM version 2.13.01 compiled on May  1 2017
  6. Configure OpenSSL, for example:
    e:\openssl-1.1.1> perl E:\openssl-1.1.1\Configure VC-WIN64A no-shared no-capieng no-srp no-gost no-dgram no-dtls1-method no-dtls1_2-method  --api=1.1.0 --prefix=C:\OpenSSL-Win64-111-static --openssldir=C:\OpenSSL-Win64-111-static
    • Note the option 'no-shared': if 'no-shared' is used then the OpenSSL static libraries libcrypto.lib and libssl.lib will be 'self-sufficient' and resulting Zabbix binaries will include OpenSSL in themselves, no need for external OpenSSL DLLs. Advantage: Zabbix binaries can be copied to other Windows machines without OpenSSL libraries. Disadvantage: when a new OpenSSL bugfix version is released, Zabbix agent needs to recompiled and reinstalled.
    • If 'no-shared' is not used, then the static libraries libcrypto.lib and libssl.lib will be using OpenSSL DLLs at runtime. Advantage: when a new OpenSSL bugfix version is released, probably you can upgrade only OpenSSL DLLs, without recompiling Zabbix agent. Disadvantage: copying Zabbix agent to another machine requires copying OpenSSL DLLs, too.
  7. Compile OpenSSL, run tests, install:
    e:\openssl-1.1.1> nmake
    e:\openssl-1.1.1> nmake test
    ...
    All tests successful.
    Files=152, Tests=1152, 501 wallclock secs ( 0.67 usr +  0.61 sys =  1.28 CPU)
    Result: PASS
    e:\openssl-1.1.1> nmake install_sw
    'install_sw' installs only software components (i.e. libraries, header files, but no documentation). If you want everything, use "nmake install".

Compiling Zabbix from sources on MS Windows 10 (64-bit)

When compiling Zabbix with/without TLS support the only significant difference will be in step 4.

Support for OpenSSL 1.1.1 was added in 3.0.23, some additional fixes - in 3.0.24rc1.

  1. On a Linux machine check out the source from SVN:
    $ svn co svn://svn.zabbix.com/tags/3.0.24rc1
    $ cd 3.0.24rc1/
    $ ./bootstrap.sh
    $ ./configure --enable-agent --enable-ipv6 --prefix=`pwd`
    $ make dbschema
    $ make dist
  2. Copy and unpack the archive, e.g. zabbix-3.0.24rc1.tar.gz, on a Windows machine.
  3. Let's assume that sources are in e:\zabbix-3.0.24rc1. Open a commandline window e.g. the x64 Native Tools Command Prompt for VS 2017 RC. Go to e:\3.0.24rc1\build\win32\project.
  4. Compile zabbix_get, zabbix_sender and zabbix_agent.
    • without TLS:
      E:\ zabbix-3.0.24rc1\build\win32\project> nmake /K
    • with TLS:
       <code>
      E:\ zabbix-3.0.24rc1\build\win32\project> nmake /K -f Makefile_get TLS=openssl TLSINCDIR="C:\OpenSSL-Win64-111-static\include" TLSLIBDIR="C:\OpenSSL-Win64-111-static\lib"
      E:\ zabbix-3.0.24rc1\build\win32\project> nmake /K -f Makefile_sender TLS=openssl TLSINCDIR="C:\OpenSSL-Win64-111-static\include" TLSLIBDIR="C:\OpenSSL-Win64-111-static\lib"
      E:\ zabbix-3.0.24rc1\build\win32\project> nmake /K -f Makefile_agent TLS=openssl TLSINCDIR="C:\OpenSSL-Win64-111-static\include" TLSLIBDIR="C:\OpenSSL-Win64-111-static\lib"
  5. New binaries are located in e:\zabbix-3.0.24rc1\bin\win64. Since OpenSSL was compiled with 'no-shared' option, Zabbix binaries contain OpenSSL within themselves and can be copied to other machines that do not have OpenSSL.