@stevejenkins
Last active August 30, 2021 03:57
Import and use SSL certificates (including Let's Encrypt) with the Ubiquiti UniFi Controller on Unix/Linux Systems
# MOVED TO https://github.com/stevejenkins/unifi-linux-utils

dalenoe commented Jun 28, 2016

I am trying to get this to work on an Ubuntu machine. I've run it and it failed, but it's probably something on my end with the chain. I've been limited on time, but hope to get to it more this week.


reillychase commented Nov 15, 2016

Works great! Thanks, this saved me lots of time trying to figure this out. I used Let's Encrypt on Ubuntu 16.04.


reillychase commented Nov 18, 2016

Having a problem now when I am trying to run this script (Let's Encrypt mode) after switching the UniFi default ports from 8080 to 80 and 8443 to 443.

Here is the script I wrote to do this from a basic install of Ubuntu 16.04:


```bash
# Bring the base system up to date
sudo apt-get update -y
sudo apt-get upgrade -y

# Add the Ubiquiti repository and its signing key, then install the controller
echo "deb http://www.ubnt.com/downloads/unifi/debian unifi5 ubiquiti" > /etc/apt/sources.list.d/ubnt.list
apt-key adv --keyserver keyserver.ubuntu.com --recv C0A52C50
apt-get update -y
apt-get install unifi -y

# Move the controller from the default ports 8080/8443 to 80/443
service unifi stop
echo "unifi.http.port=80" >> /usr/lib/unifi/data/system.properties
echo "unifi.https.port=443" >> /usr/lib/unifi/data/system.properties
service unifi start

# Request a Let's Encrypt certificate using the controller's web root
sudo apt-get install letsencrypt -y
letsencrypt certonly --webroot -w /usr/lib/unifi/webapps/ROOT -d unifi.mydomain.com

# Fetch unifi_ssl_import.sh from the gist into /opt
cd /opt
sudo apt-get install git -y
git clone https://gist.github.com/639ca3470b28e07b36bacb29efcec37f.git
cd 639ca3470b28e07b36bacb29efcec37f
mv unifi_ssl_import.sh ..
cd ..
rm -rf 639ca3470b28e07b36bacb29efcec37f
chmod +x unifi_ssl_import.sh

# Point the script at this host and install layout, enable Let's Encrypt mode
sed -i -e 's/UNIFI_HOSTNAME=hostname.example.com/UNIFI_HOSTNAME=unifi.mydomain.com/g' unifi_ssl_import.sh
sed -i -e 's/UNIFI_DIR=\/opt\/UniFi/UNIFI_DIR=\/usr\/lib\/unifi/g' unifi_ssl_import.sh
sed -i -e 's/UNIFI_SERVICE_NAME=UniFi/UNIFI_SERVICE_NAME=unifi/g' unifi_ssl_import.sh
sed -i -e 's/LE_MODE=no/LE_MODE=yes/g' unifi_ssl_import.sh

# Import the certificate into the controller
./unifi_ssl_import.sh
```

The UniFi Controller is working before I run your script, but after I run your script the browser spins and spins and never loads the page. The port is listening, however.

This is the output of curl:

```
root@unifi:/opt# curl -i -k https://localhost -vvvv
* Rebuilt URL to: https://localhost/
*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 443 (#0)
* found 173 certificates in /etc/ssl/certs/ca-certificates.crt
* found 692 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
```

Any ideas?
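
Added example, not part of the original comment or of the gist's script: the curl trace above stops after `ALPN, offering http/1.1`, that is, after the TCP connect and before any handshake result, so this Python probe reports which stage a controller port reaches. The function names and the silent listener used as sample input are constructed for illustration.

```python
import socket
import ssl


def probe_tls(host, port, timeout=3.0):
    """Return (stage, detail) describing how far a TLS client gets."""
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        return "tcp_failed", str(exc)
    # Verification is off on purpose, like `curl -k`: the question is whether
    # the handshake completes at all, not whether the certificate is trusted.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    try:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            der = tls.getpeercert(binary_form=True) or b""
            return "tls_ok", f"{tls.version()}, {len(der)}-byte leaf certificate"
    except socket.timeout:
        return "tls_stalled", f"TCP connected, no TLS reply within {timeout}s"
    except (ssl.SSLError, OSError) as exc:
        return "tls_failed", str(exc)
    finally:
        raw.close()


def stalled_listener():
    """Constructed sample input: a port that accepts TCP but never answers."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)  # kernel completes the TCP handshake; nobody calls accept()
    return srv


if __name__ == "__main__":
    srv = stalled_listener()
    port = srv.getsockname()[1]
    print(probe_tls("127.0.0.1", port, timeout=1.0))  # listening, TLS stalls
    srv.close()
    print(probe_tls("127.0.0.1", port, timeout=1.0))  # nothing listening
```

A `tls_stalled` result is the case where the port shows as listening but the page never loads; `tls_failed` carries the handshake error text instead.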


stevejenkins commented Nov 27, 2016
