This page covers host prerequisites and getting the source onto the
machine. For the actual build commands see build.md.
The agent is tested on Linux. The minimum toolchain is a C99-capable
GCC — the makefile invokes gcc -std=gnu99.
The agent always needs:
gccwith C99 support andmake(Development Tools)gitlibcurldevelopment headers
One of the following SSL stacks is required, matching the build
configuration you intend to use (see build.md for the
full variable reference):
- OpenSSL build (
CRYPTO=openssl, anyOUT, optionallypi=1) — distrolibssl/openssl-develheaders. - wolfSSL build (
CRYPTO=wolfssl, anyOUT, optionallypi=1) — wolfSSL built from source andlibcurlrebuilt against it (stock distrolibcurlis linked against OpenSSL and will not work). - TPM build (
CRYPTO=openssl tpm=1, typically alsopi=1) — OpenSSL plustpm2-tssand thetpm2-tss-engineOpenSSL engine, installed at an engines path the linker can find (see the TPM section ofbuild.mdfor the searched paths).
sudo apt update
sudo apt install -y build-essential git curl
# OpenSSL build:
sudo apt install -y libcurl4-gnutls-dev libssl-dev
# wolfSSL build — extra tooling required to build wolfSSL and cURL from source:
sudo apt install -y automake autoconf libtool pkg-config wgetOn 32-bit Raspberry Pi OS add pi=1 to the make invocation — it adds
-Wno-format to suppress spurious warnings from printing 64-bit values
with %lu.
sudo dnf update
sudo dnf groupinstall -y "Development Tools"
sudo dnf install -y git curl
# OpenSSL build:
sudo dnf install -y curl-devel openssl-devel
# wolfSSL build — extra tooling required to build wolfSSL and cURL from source:
sudo dnf install -y automake autoconf libtool pkg-config wgetcd ~
git clone https://github.com/keyfactor-iot/Keyfactor-CAgent
cd Keyfactor-CAgent- Build the agent for your target — see
build.md. - Prepare the
config.jsonand trust store — seeconfiguration.md. - Review the enrollment flow before first run — see
enrollment-and-certificates.md.