I have a video that shows the process of installing a CA Certificate in UniFi but I thought this may be a good post to start our new blog with.
First we’ll assume that you have a working Ubuntu or Debian based UniFi installation. Once you have that you’ll have to generate a CSR and then paste the CSR into your favorite place to buy a certificate. I use SSLs.com for my certificate needs.
SSH into your controller and follow these steps:
- cd /usr/lib/unifi
2. sudo java -jar lib/ace.jar new_cert unifi.mydomain.dom “My Company Name” City State CC* *(cc = 2 letter country code)
You will enter your password and then it will create your CSR in /var/lib/unifi
3. Do: more unifi_certificate.csr.pem
4. Copy and paste the CSR into your SSL provider’s website to request the certificate. Get your certificate issued (I would tell them I am using apache so they issue all the certs you will need)
5. Once you get your certificate and all the intermediate certs (if required) copy all the .crt files to /usr/lib/unifi and then (in my case):
6. sudo java -jar lib/ace.jar import_cert unifi_mydomain_com.crt COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt
Put in your password again and you will see (after a few other lines):
Certificates successfuly imported. Please restart the UniFi Controller.
7. Run: sudo service unifi restart