GCS Tech, Inc.
12 E. 4th
St.
Spencer, IA 51301
712-262-6974
Date: July 31, 2019
Installing
a paid SSL certificate for a UniFi Controller on
Ubuntu 22.04
I use ssls.com
so these instructions are for their certs but should be easily used for others.
Create a
new key and CSR file for the server
cd /etc/ssl
openssl
req -new -newkey rsa:2048 -nodes -keyout
servername.key -out servername.csr
submit the
CSR to ssls.com and wait for your certificates to be created.
Download the
certificate zip file to /etc/ssl/
and unzip
You will
have 2 files. Your server certificate
and the ca-bundle
cp servername.key /usr/lib/unifi/
cp servername.crt
/usr/lib/unifi/
cp
servername.ca-bundle /usr/lib/unifi/
clean up
the /etc/ssl directory by
moving the files
mv servername.key private/
mv
servername.crt certs/
cd /usr/lib/unifi
Ubuntu
22.04 uses openssl 3 and they have changed the .key
structure. So first we have to revert it from pkcs8 to pkcs1
openssl
pkcs8 -nocrypt -traditional -in servername.key
-out unifi.key
then
create a single file from your cert and bundle
cat
servername.ca-bundle >> servername.crt
systemctl
stop unifi
java -jar lib/ace.jar
import_key_cert unifi.key
servername.crt
There
should be no errors and return you to a prompt.
systemctl
start unifi
goto
https://servername.domain.com:8443