Klint Van Tassel sprocktech
sprocktech
/ unifi-force-provision.sh
Last active
October 25, 2023 13:52
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # This is an example script to force provision a UniFi network device using the controller API | |
| # If you are running this externally then replace localhost with the hostname | |
| baseurl=https://localhost:8443 | |
| # I would make a dedicated admin user for this | |
| username=<username_here> | |
| password=<password_here> |
sprocktech
/ unifi-le-root-cert-fix.txt
Last active
October 11, 2021 13:50
Ubiquiti UniFi - Fix for the Let's Encrypt DST Root CA X3 Expiration
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Some UniFi devices may not have the current ISRG root cert that LE uses | |
| # Some devices also have an older version of OpenSSL | |
| # These older versions will not validate a cert if the expired DST root cert is part of the chain | |
| # USG | |
| # This has an older OpenSSL version | |
| # The current ISRG root cert is not included in the latest firmware | |
| sudo -i | |
| sed -i 's|^mozilla\/DST_Root_CA_X3\.crt|!mozilla/DST_Root_CA_X3.crt|' /etc/ca-certificates.conf | |
| curl -sk https://letsencrypt.org/certs/isrgrootx1.pem -o /usr/local/share/ca-certificates/ISRG_Root_X1.crt |