Last active
February 16, 2019 22:02
-
-
Save rpunt/4ff693bf5aa0ac655f900b2ffcecd23e to your computer and use it in GitHub Desktop.
Generate a keystore for Unifi controllers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Assumptions: | |
| # ./unifi.pem is the signed cert you wish to use | |
| # ./unifi.key is the private key | |
| # ./chain.pem is the CA chain for your issuer, ordered intermediates to root (descending) | |
| # /var/lib/unifi/keystore is the appropriate path for your Keystore; may vary by distro (tested on Debian 8) | |
| openssl pkcs12 -export \ | |
| -in unifi.pem \ | |
| -inkey unifi.key \ | |
| -out unifi.p12 \ | |
| -name unifi \ | |
| -chain -CAfile chain.pem \ | |
| -passout pass:aircontrolenterprise | |
| keytool -importkeystore \ | |
| -deststorepass aircontrolenterprise \ | |
| -destkeypass aircontrolenterprise \ | |
| -destkeystore keystore.jks \ | |
| -srckeystore unifi.p12 \ | |
| -srcstoretype PKCS12 \ | |
| -srcstorepass aircontrolenterprise \ | |
| -alias unifi | |
| rm -f unifi.p12; rm -f unifi.pem; rm -f unifi.key | |
| echo "Clean up: sudo mv keystore.jks /var/lib/unifi/keystore; sudo /etc/init.d/unifi restart; sudo tail -f /var/log/unifi/server.log" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment