Installing a Custom SSL Certificate on a Linux UniFi Controller05 Jun 2015
It took me a while to find this so it seems worth posting here.
Once you have a signed certificate file we need to create a p12 keystore file. In my case the certificate was from Go Daddy and there’s an intermediate certificate (gd_bundle-g2-g1.crt) that needs to be included.
openssl pkcs12 -export -in example.crt \ -inkey example.key \ -out example.p12 \ -name unifi \ -certfile gd_bundle-g2-g1.crt
At the prompt enter the password
We can then import example.p12 into the Unifi keystore:
sudo keytool -importkeystore \ -deststorepass aircontrolenterprise \ -destkeypass aircontrolenterprise \ -destkeystore /usr/lib/unifi/data/keystore \ -srckeystore example.p12 \ -srcstoretype PKCS12 \ -srcstorepass aircontrolenterprise \ -alias unifi
And restart the controller with
service unifi restart.