/unifi_keystore_gen.sh
Last active Feb 16, 2019
Generate a keystore for Unifi controllers
| #!/bin/bash | |
| # Assumptions: | |
| # ./unifi.pem is the signed cert you wish to use | |
| # ./unifi.key is the private key | |
| # ./chain.pem is the CA chain for your issuer, ordered intermediates to root (descending) | |
| # /var/lib/unifi/keystore is the appropriate path for your Keystore; may vary by distro (tested on Debian 8) | |
| openssl pkcs12 -export \ | |
| -in unifi.pem \ | |
| -inkey unifi.key \ | |
| -out unifi.p12 \ | |
| -name unifi \ | |
| -chain -CAfile chain.pem \ | |
| -passout pass:aircontrolenterprise | |
| keytool -importkeystore \ | |
| -deststorepass aircontrolenterprise \ | |
| -destkeypass aircontrolenterprise \ | |
| -destkeystore keystore.jks \ | |
| -srckeystore unifi.p12 \ | |
| -srcstoretype PKCS12 \ | |
| -srcstorepass aircontrolenterprise \ | |
| -alias unifi | |
| rm -f unifi.p12; rm -f unifi.pem; rm -f unifi.key | |
| echo "Clean up: sudo mv keystore.jks /var/lib/unifi/keystore; sudo /etc/init.d/unifi restart; sudo tail -f /var/log/unifi/server.log" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment