Score:1

Server

How to install a validated SSL certificate on Ubiquiti UniFi Network Application (Controller) running on Linux

Ludwig

5/13/23, 10:37 PM

I want to replace the self signed Unifi certificate used for the web interface of the UniFi Network application / server v6.5 (on Ubuntu 18 Linux) with a signed (wildcard) certificate and private key I already have.

Where should I put the private key, where the cert and how do I configure the UniFi Network Application / Controller to use this cert?

I found some information but none of them worked for me or seemed to be ways to complicated.

266

0 + 0

certificate

ubiquiti

unifi

Score:2

Server

Ludwig

5/13/23, 10:37 PM

Go to UniFi base folder

cd /usr/lib/unifi

Copy your private key file and the pem file (single file including the cert, intermediate ca cert and chain to the root if needed) to /usr/lib/unifi/

Convert your private key from PKCS#8 to PKCS#1 if necessary (when you get an error message like java.lang.IllegalStateException: private.key contains an artifact that is not a key pair: org.bouncycastle.asn1.pkcs.PrivateKeyInfo)

openssl rsa -in private.key -out transformed-private.key

Stop the UniFi Network application

service unifi stop

Import cert and key to keystore

java -jar lib/ace.jar import_key_cert transformed-private.key certificate.pem

Start the UniFi Network application

service unifi start

Clean up and delete your cert and private key files.

That's it.

0 + 0

Score:0

Server

Henrik Høyer

2/14/24, 11:35 AM

This procedure works from a Windows client

You need two files (both in PEM format);

unifi-core.crt The certificate
unifi-core.keyYour private key

Enable SSH on https://10.0.0.1/settings/system
Connect and check existing files

From cmd.exe

ssh 10.15.15.1 -l root
cd /mnt/data/unifi-os/unifi-core/config/
ls -lh

Upload the new cert and private key

From (another) cmd.exe

scp unifi-core.crt [email protected]:/mnt/data/unifi-os/unifi-core/config/unifi-core.crt
scp unifi-core.key [email protected]:/mnt/data/unifi-os/unifi-core/config/unifi-core.key

Verify the new files and apply

From the existing SSH connection (step 2)

ls -lh
unifi-os restart

Disable SSH https://10.0.0.1/settings/system

+ 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How to install a validated SSL certificate on Ubiquiti UniFi Network Application (Controller) running on Linux

TH: วิธีติดตั้งใบรับรอง SSL ที่ผ่านการตรวจสอบบน Ubiquiti UniFi Network Application (Controller) ที่ทำงานบน Linux

RO: Cum se instalează un certificat SSL validat pe aplicația de rețea Ubiquiti UniFi (controller) care rulează pe Linux

RU: Как установить проверенный SSL-сертификат в сетевом приложении Ubiquiti UniFi (контроллере), работающем в Linux

VI: Cách cài đặt chứng chỉ SSL đã được xác thực trên Ứng dụng mạng Ubiquiti UniFi (Bộ điều khiển) chạy trên Linux

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.