SSL for Ubiquiti UniFi Controller Software – Linux

Overview

These are the steps install or update the SSL certificate on Ubiquiti UniFi Controller software.

Detailed Steps

  1. Login to linux host via SSH, then sudo su – root.
  2. Copy SSL certificate, key file, and CA Bundle onto host.
  3. Verify the existing keystore – keytool -list -keystore /var/lib/unifi/keystore, password is aircontrolenterprise.
  4. Backup the original keystore – cp /var/lib/unifi/keystore /home/keystore.orig.
  5. Start the generation of the new keystore – openssl pkcs12 -export -in /tmp/STAR_rm-pc_com.crt -inkey /tmp/STAR_rm-pc_com_key.txt -out /tmp/tmpkeystore -passout pass:aircontrolenterprise -name unifi
  6. Complete the generation of the new keystore – keytool -importkeystore -srckeystore /tmp/tmpkeystore -srcstorepass aircontrolenterprise -destkeystore /tmp/newkeystore -deststorepass aircontrolenterprise -alias unifi -trustcacerts
  7. Copy the new keystore into place – cp /tmp/newkeystore /var/lib/unifi/keystore
  8. Restart the controller software – systemctl restart unifi
  9. Verify the SSL Certificate is coming up and correct using a web browser and go to: https://yourctrl.name:8443.