##Installing a custom SSL cert on Unifi Controller
Requirements:
- Domain certificate (*.crt)
- Certificate key (*.key)
- Intermediate certificate from CA (*.crt, *.pem)
- Permissions to restart the unifi service
- Debian or Ubuntu Unifi Controller installation
###Backup your current keystore
cd /var/lib/unifi
sudo cp keystore keystore.bkp
###Create pkcs12 certificate
openssl pkcs12 -export -in domain_certificate.crt -inkey domain_certificate_priv.key -out domain_certificate.p12 -name unifi -CAfile "intermediate_cert_from_CA.crt" -caname root -password pass:aircontrolenterprise
Copy your new cert to /etc/ssl/private
sudo cp domain_certificate.p12 /etc/ssl/private
###Replace certificate in keystore with newly created cert
sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /usr/lib/unifi/data/keystore -srckeystore /etc/ssl/private/domain_certificate.p12 -srcstoretype PKCS12 -srcstorepass aircontrolenterprise -alias unifi
When prompted to replace the current certificate, say yes.
###Restart the Unifi Controller service
sudo /etc/init.d/unifi restart
I get