I have a video that shows the process of installing a CA Certificate in UniFi but I thought this may be a good post to start our new blog with.

First we’ll assume that you have a working Ubuntu or Debian based UniFi installation.  Once you have that you’ll have to generate a CSR and then paste the CSR into your favorite place to buy a certificate.  I use SSLs.com for my certificate needs.

SSH into your controller and follow these steps:

  1.  cd /usr/lib/unifi

2.  sudo java -jar lib/ace.jar new_cert unifi.mydomain.dom “My Company Name” City State CC*          *(cc = 2 letter country code)

You will enter your password and then it will create your CSR in /var/lib/unifi

3.  Do:  more unifi_certificate.csr.pem

4.  Copy and paste the CSR into your SSL provider’s website to request the certificate.  Get your certificate issued (I would tell them I am using apache so they issue all the certs you will need)

5.  Once you get your certificate and all the intermediate certs (if required) copy all the .crt files to /usr/lib/unifi and then (in my case):

6.  sudo java -jar lib/ace.jar import_cert unifi_mydomain_com.crt COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt

Put in your password again and you will see (after a few other lines):

Certificates successfuly imported. Please restart the UniFi Controller.

7.  Run:  sudo service unifi restart