Skip to content

Instantly share code, notes, and snippets.

Last active August 30, 2021 03:57
  • Star 23 You must be signed in to star a gist
  • Fork 7 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save stevejenkins/639ca3470b28e07b36bacb29efcec37f to your computer and use it in GitHub Desktop.
Import and use SSL certificates (including Let's Encrypt) with the Ubiquiti UniFi Controller on Unix/Linux Systems
Copy link

dalenoe commented Jun 28, 2016

I am trying to get this to work on a ubuntu machine.. I've ran it run and it failed, but it's probably something on my end with the chain. I've been limited on time, but hope to get to it this week more.

Copy link

reillychase commented Nov 15, 2016

Works great! Thanks this saved me lots of time trying to figure this out. I used Let's Encrypt on Ubuntu 16.04

Copy link

reillychase commented Nov 18, 2016

Having a problem now when I am trying to run this script (Lets Encrypt Mode) after switching unifi default ports from 8080 to 80 and 8443 to 443.

Here is the script I wrote to do this from a basic install of Ubuntu 16.04:

sudo apt-get update -y
sudo apt-get upgrade -y
echo "deb unifi5 ubiquiti" > /etc/apt/sources.list.d/ubnt.list
apt-key adv --keyserver --recv C0A52C50
apt-get update -y
apt-get install unifi -y
service unifi stop
echo "unifi.http.port=80" >> /usr/lib/unifi/data/
echo "unifi.https.port=443" >> /usr/lib/unifi/data/
service unifi start
sudo apt-get install letsencrypt -y
letsencrypt certonly --webroot -w /usr/lib/unifi/webapps/ROOT -d
cd /opt
sudo apt-get install git
git clone
cd 639ca3470b28e07b36bacb29efcec37f
mv ..
cd ..
rm -rf 639ca3470b28e07b36bacb29efcec37f
chmod +x
sed -i -e 's/'
sed -i -e 's/UNIFI_DIR=\/opt\/UniFi/UNIFI_DIR=\/usr\/lib\/unifi/g'
sed -i -e 's/LE_MODE=no/LE_MODE=yes/g'

The Unifi Controller is working before I run your script, but after I run your script the browser spins and spins and never loads the page. The port is listening however.

This is the output of curl

root@unifi:/opt# curl -i -k https://localhost -vvvv
* Rebuilt URL to: https://localhost/
*   Trying
* Connected to localhost ( port 443 (#0)
* found 173 certificates in /etc/ssl/certs/ca-certificates.crt
* found 692 certificates in /etc/ssl/certs
* ALPN, offering http/1.1

Any ideas?

Copy link

stevejenkins commented Nov 27, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment