Home / server / Questions / 1089958
Accepted
Ludwig
Asked: 2022-01-14 14:37:26 +0800 CST

How to install a validated SSL certificate on Ubiquiti UniFi Network Application (Controller) running on Linux

  • 772

I want to replace the self signed Unifi certificate used for the web interface of the UniFi Network application / server v6.5 (on Ubuntu 18 Linux) with a signed (wildcard) certificate and private key I already have.

Where should I put the private key, where the cert and how do I configure the UniFi Network Application / Controller to use this cert?

I found some information but none of them worked for me or seemed to be ways to complicated.

certificate unifi ubiquiti

2 Answers

  1. Best Answer

    Go to UniFi base folder

    cd /usr/lib/unifi

    Copy your private key file and the pem file (single file including the cert, intermediate ca cert and chain to the root if needed) to /usr/lib/unifi/

    Convert your private key from PKCS#8 to PKCS#1 if necessary (when you get an error message like java.lang.IllegalStateException: private.key contains an artifact that is not a key pair: org.bouncycastle.asn1.pkcs.PrivateKeyInfo)

    openssl rsa -in private.key -out transformed-private.key

    Stop the UniFi Network application

    service unifi stop

    Import cert and key to keystore

    java -jar lib/ace.jar import_key_cert transformed-private.key certificate.pem

    Start the UniFi Network application

    service unifi start

    Clean up and delete your cert and private key files.

    That's it.

    • 2

  2. This is exactly what I was looking for.

    Additionally, if you are using an internal CA (As I am) you will need to also upload the CA certificate to the server and specify it at the end-

    sudo java -jar lib/ace.jar import_key_cert transformed-private.key certificate.pem ca-certificate.pem
    • 0