GCS Tech, Inc.

12 E. 4^th St.

Spencer, IA 51301

712-262-6974

 

 

Date: July 31, 2019

 

 

Installing a paid SSL certificate for a UniFi Controller on Ubuntu 22.04

 

I use ssls.com so these instructions are for their certs but should be easily used for others.

 

Create a new key and CSR file for the server

 

cd /etc/ssl

openssl req -new -newkey rsa:2048 -nodes -keyout servername.key -out servername.csr

 

submit the CSR to ssls.com and wait for your certificates to be created.

Download the certificate zip file to /etc/ssl/ and unzip

You will have 2 files.  Your server certificate and the ca-bundle

 

cp servername.key /usr/lib/unifi/

cp servername.crt /usr/lib/unifi/

cp servername.ca-bundle /usr/lib/unifi/

 

clean up the /etc/ssl directory by moving the files

mv servername.key private/

mv servername.crt certs/

 

cd /usr/lib/unifi

 

Ubuntu 22.04 uses openssl 3 and they have changed the .key structure.  So first we have to revert it from pkcs8 to pkcs1

 

openssl pkcs8 -nocrypt -traditional -in servername.key -out unifi.key

 

then create a single file from your cert and bundle

cat servername.ca-bundle >> servername.crt

 

systemctl stop unifi

 

java -jar lib/ace.jar import_key_cert unifi.key servername.crt

 

There should be no errors and return you to a prompt.

 

systemctl start unifi

 

goto https://servername.domain.com:8443