Ubiquiti Unifi Controller Custom Certificate

This is from a post^[1] that I am using for reference.

Posts: 3
Registered: ‎03-20-2013
Kudos: 16
Solutions: 1
Re: Your own SSL key and cert [ New ]
Options

‎03-20-2013 12:15 PM

If anyone is still having trouble with this, I just figured out how to do it using an existing Windows certificate. In my case, we have our own internal Certification Authority, but it will work just the same with a certificate issued by GoDaddy or anyone else.

 

I'm assuming you already know how to export the certificate using the Certificates MMC snap-in, and that the keytool executable from your installed java package is in the path.

 

1)      Export PFX certificate with private key and the option “Include all certificates in the certification path if possible”, using password "aircontrolenterprise" (this is important!)

 

2)      Open a Command Prompt and go to the directory Unifi was installed to then the data directory (example: C:\Users\administrator\Ubiquiti Unifi\data)

 

3)      Find the alias of your exported certificate by using (use the password from step 1):

keytool -list -keystore c:\path\to\pfx.pfx -storetype pkcs12

  

It will list the certificate starting with its alias, for example:

Keystore type: PKCS12

Keystore provider: SunJSSE

 

Your keystore contains 1 entry

 

le-webserver2003-8f6daf5b-8c89-405f-b3bb-045c58656883, Mar 20, 2013, PrivateKeyE

ntry,

Certificate fingerprint (MD5): AB:3F:79:FD:F5:1E:B3:69:78:8C:1C:AC:41:B3:29:6B

 

The certificate alias in this case is le-webserver2003-8f6daf5b-8c89-405f-b3bb-045c58656883. Use it in place of “src-alias” in the command below (yours will be different).

 

4)      Rename the existing file called “keystore” to keystore.orig.

 

5)      Run the following command:

keytool -importkeystore -srcstoretype pkcs12 -srcalias src-alias -srckeystore c:\path\to\pfx.pfx -keystore keystore -destalias unifi

 

Use the same password from step 1.

 

6)     Start the UniFi server.