Skip to content

Instantly share code, notes, and snippets.

@anthony0030

anthony0030/Adding SSL certificate to Unifi cloud key.md

Last active April 26, 2023 01:16
Show Gist options
  • Save anthony0030/8d5d669fdebbedb1c8b091fee31562a6 to your computer and use it in GitHub Desktop.
Save anthony0030/8d5d669fdebbedb1c8b091fee31562a6 to your computer and use it in GitHub Desktop.
Download ZIP
Adding SSL certificate to Unifi cloud key
Raw
Adding SSL certificate to Unifi cloud key.md

Creating and Using SSL Certificate for Unifi Cloud Key 20/11/2020

Backup the certificates on the cloud key

  1. Use SFTP to connect to the cloud key with the cloud key credentials
  2. Copy the private folder (*/etc/ssl/private) to your local computer

Split the certificates into separate files

Create files named appropriately for each of the following:

  1. Certificate
  2. Intermediate Certificate
  3. Root Certificate
  4. Private Key They don't need any extensions. They need a blank line at the

Creating the new certificates

Create a copy of the folder named private, in this folder you will have 4 files:

  1. cloudkey.crt
  2. cloudkey.key
  3. unifi.keystore.jks
  4. unifi.keystore.jks.md5

You will edit them to have the new certificate information

cloudkey.crt

Delete the contents of this file and paste in order:

  1. Certificate
  2. Intermediate certificate
  3. Root Certificate
  4. Blank Line It will look like this:
-----BEGIN CERTIFICATE-----
***************************
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
***************************
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
***************************
-----END CERTIFICATE-----

^^^ NOTE THE BLANK LINE^^^^

cloudkey.key

Delete the contents of this file and paste in order:

  1. Private key
  2. Blank Line It will look like this:
-----BEGIN RSA PRIVATE KEY-----
*********
-----END RSA PRIVATE KEY-----

^^^ NOTE THE BLANK LINE^^^^

unifi.keystore.jks

  1. Open this file in KeyStore Explorer the password is aircontrolenterprise
  2. Delete certificate chain that exists
  3. Import key pair type open ssl
    1. Deselect encripted
    2. Select private key
    3. Select certificate
    4. When prompted for a password don't enter anything just click ok
    5. When prompted for a name put unifi
  4. Append Intermediate Certificate
    1. Right click newly created certificate chain
    2. Edit certificate chain
    3. Append Certificate
    4. Select the Intermediate Certificate
  5. Append Root Certificate
    1. Right click newly created certificate chain
    2. Edit certificate chain
    3. Append Certificate
    4. Select the Root Certificate
  6. Save and exit KeyStore Explorer

unifi.keystore.jks.md5

This file contains the md5 sum of unifi.keystore.jks and its location. Replace the md5 sum with the new one. you can create it by running:

  md5 unifi.keystore.jks

It will look like this:

3f234d61765d05c08000222e5efea2db */etc/ssl/private/unifi.keystore.jks

^^^ NOTE THE BLANK LINE^^^^

Upload the new certificates to the cloud key

  1. Use SFTP to connect to the cloud key with the cloud key credentials
  2. Replace the private folder (*/etc/ssl/private) with the new one you created
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment