Skip to content

Instantly share code, notes, and snippets.

@stevejenkins
Last active August 30, 2021 03:57
Show Gist options
  • Star 23 You must be signed in to star a gist
  • Fork 7 You must be signed in to fork a gist
  • Save stevejenkins/639ca3470b28e07b36bacb29efcec37f to your computer and use it in GitHub Desktop.
Save stevejenkins/639ca3470b28e07b36bacb29efcec37f to your computer and use it in GitHub Desktop.
Import and use SSL certificates (including Let's Encrypt) with the Ubiquiti UniFi Controller on Unix/Linux Systems
# MOVED TO https://github.com/stevejenkins/unifi-linux-utils
@reillychase
Copy link

reillychase commented Nov 18, 2016

Having a problem now when I am trying to run this script (Lets Encrypt Mode) after switching unifi default ports from 8080 to 80 and 8443 to 443.

Here is the script I wrote to do this from a basic install of Ubuntu 16.04:


sudo apt-get update -y
sudo apt-get upgrade -y
echo "deb http://www.ubnt.com/downloads/unifi/debian unifi5 ubiquiti" > /etc/apt/sources.list.d/ubnt.list
apt-key adv --keyserver keyserver.ubuntu.com --recv C0A52C50
apt-get update -y
apt-get install unifi -y
service unifi stop
echo "unifi.http.port=80" >> /usr/lib/unifi/data/system.properties
echo "unifi.https.port=443" >> /usr/lib/unifi/data/system.properties
service unifi start
sudo apt-get install letsencrypt -y
letsencrypt certonly --webroot -w /usr/lib/unifi/webapps/ROOT -d unifi.mydomain.com
cd /opt
sudo apt-get install git
git clone https://gist.github.com/639ca3470b28e07b36bacb29efcec37f.git
cd 639ca3470b28e07b36bacb29efcec37f
mv unifi_ssl_import.sh ..
cd ..
rm -rf 639ca3470b28e07b36bacb29efcec37f
chmod +x unifi_ssl_import.sh
sed -i -e 's/UNIFI_HOSTNAME=hostname.example.com/UNIFI_HOSTNAME=unifi.mydomain.com/g' unifi_ssl_import.sh
sed -i -e 's/UNIFI_DIR=\/opt\/UniFi/UNIFI_DIR=\/usr\/lib\/unifi/g' unifi_ssl_import.sh
sed -i -e 's/UNIFI_SERVICE_NAME=UniFi/UNIFI_SERVICE_NAME=unifi/g' unifi_ssl_import.sh
sed -i -e 's/LE_MODE=no/LE_MODE=yes/g' unifi_ssl_import.sh
./unifi_ssl_import.sh

The Unifi Controller is working before I run your script, but after I run your script the browser spins and spins and never loads the page. The port is listening however.

This is the output of curl

root@unifi:/opt# curl -i -k https://localhost -vvvv
* Rebuilt URL to: https://localhost/
*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 443 (#0)
* found 173 certificates in /etc/ssl/certs/ca-certificates.crt
* found 692 certificates in /etc/ssl/certs
* ALPN, offering http/1.1

Any ideas?

@stevejenkins
Copy link
Author

stevejenkins commented Nov 27, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment