GCS Tech, Inc.

12 E. 4th St.

Spencer, IA 51301




Date: July 31, 2019



Installing a paid SSL certificate for a UniFi Controller on Ubuntu 22.04


I use ssls.com so these instructions are for their certs but should be easily used for others.


Create a new key and CSR file for the server


cd /etc/ssl

openssl req -new -newkey rsa:2048 -nodes -keyout servername.key -out servername.csr


submit the CSR to ssls.com and wait for your certificates to be created.

Download the certificate zip file to /etc/ssl/ and unzip

You will have 2 files.  Your server certificate and the ca-bundle


cp servername.key /usr/lib/unifi/

cp servername.crt /usr/lib/unifi/

cp servername.ca-bundle /usr/lib/unifi/


clean up the /etc/ssl directory by moving the files

mv servername.key private/

mv servername.crt certs/


cd /usr/lib/unifi


Ubuntu 22.04 uses openssl 3 and they have changed the .key structure.  So first we have to revert it from pkcs8 to pkcs1


openssl pkcs8 -nocrypt -traditional -in servername.key -out unifi.key


then create a single file from your cert and bundle

cat servername.ca-bundle >> servername.crt


systemctl stop unifi


java -jar lib/ace.jar import_key_cert unifi.key servername.crt


There should be no errors and return you to a prompt.


systemctl start unifi


goto https://servername.domain.com:8443