Last active
March 13, 2020 15:24
-
-
Save mattrude/a0e00024b14351e51a78193d9d8e4e33 to your computer and use it in GitHub Desktop.
This small script will update your Unifi Controller's TLS Cert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ######################################################### | |
| # A Small script to update the UniFi Keystore file from # | |
| # an letsencrypt auto generated certificate. # | |
| ######################################################### | |
| # The Domain of the UniFi Controller | |
| DOMAIN='unifi.lan.therudes.com' | |
| # Update the Letsencrypt Cert | |
| /usr/bin/letsencrypt renew | |
| # Checking if the key has been updated. | |
| if [ /etc/letsencrypt/live/${DOMAIN}/privkey.pem -nt /usr/lib/unifi/data/keystore ]; then | |
| echo "Updating UniFi Cert" | |
| # Stop the UniFi Controller | |
| /usr/bin/service unifi stop | |
| # Export the newly created Letsencrypt Cert | |
| echo 2413FB3709B05939F | /usr/bin/openssl pkcs12 -export -inkey /etc/letsencrypt/live/${DOMAIN}/privkey.pem -in /etc/letsencrypt/live/${DOMAIN}/cert.pem -name unifi -out /etc/letsencrypt/live/${DOMAIN}/keys.p12 -password stdin | |
| # Convert the newly created Letsencrypt Cert to UniFi's keystore format | |
| echo y | /usr/bin/keytool -importkeystore -srckeystore /etc/letsencrypt/live/${DOMAIN}/keys.p12 -srcstoretype pkcs12 -destkeystore /usr/lib/unifi/data/keystore -storepass aircontrolenterprise -srcstorepass 2413FB3709B05939F | |
| # Restart the UniFi Controller | |
| /usr/bin/service unifi start | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment