Configuring Zabbix 6.2 with Docker and HTTPS

Since getting Zabbix up and running on docker with HTTPS wasn’t as straight-forward as I would have liked it to be I am providing a few notes on what I did to get up and running.

I decided to use Rocky Linux 8 as the platform for this installation. You will need a Rocky 8 ( or CentOS 8 ) instance with docker already configured. I also enabled the python38:3.8 module and installed the Python 3.8 packages.

You will also need to install the docker-compose python module as well.

pip3 install docker-compose

Download the desired docker-compose project from here :

In my example I am using the downloaded zip for version 6.2 :

Login to the server and become a user that can run docker. In my case I used the zabbix account which already existed due to the agent installation at host creation time.

Copy the file to the users home directory.

Unzip the file.


Cd into the newly created zabbix-docker-6.2 directory.

cd zabbix-docker-6.2

I am using the alpine – mysql docker compose so we copy that file to docker-compose.yml

cp docker-compose_v3_alpine_mysql_latest.yaml docker-compose.yml

Now you can test the docker-compose.yml file by bringing up the services.

docker-compose up

This will echo all output to the terminal and you can watch for any issues or errors. Once you are done you can stop the containers by hitting CTRL+C.

Now when you start and stop the containers it will create a directory called zbx_env which will be owned by root. So you will need to become root on your server for the next part.

Enabling HTTPS on the Zabbix server was a bit more difficult to figure out. Eventually I was able to locate the required information. First generate your certificates for the server and copy them over. Then copy the files to the following locations:

cp <certificate> zbx_env/etc/ssl/nginx/ssl.crt
cp <private key file> zbx_env/etc/ssl/nginx/ssl.key

After copying the certificate files you also need to generate the nginx dhparam.pem file.

openssl dhparam -out zbx_env/etc/ssl/dhparam.pem 2048

Be sure the files are owned by root and world readable. Even the key file needs to be world readable so the zabbix user inside the Zabbix server container can read them.

Now bring up your Zabbix environment again. This time using the -d option to daemonize the containers.

docker-compose up -d

Now point your browser to the URL of your server .. https://<servername> and start using your env.

You may also like...