User Tools

Site Tools


tips:networking:unifi_ssl_cert

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

tips:networking:unifi_ssl_cert [2018/05/09 15:27] (current)
mattieu created
Line 1: Line 1:
 +====== Installing custom SSL certs on UniFi Cloud Key ====== 
 +===== Generate certificate ===== 
 +Generate the certificate with dehydrated:​ 
 +<​code>​$ cd dehydrated 
 +./​dehydrated -s unifi.csr > cloudkey.crt</​code>​ 
 +Then copy the renewed certificate to the UniFi Cloud Key. 
 +===== Install the new certificate ===== 
 +First archive the existing files: 
 +<​code>#​ cd /​etc/​ssl/​private 
 +# mkdir backup_2018-05-09 
 +# mv cert.tar cloudkey.crt ssl-cert-snakeoil.key unifi.keystore.jks backup_2018-05-09/</​code>​ 
 +Then, generate a signed.crt with only the new certificate (cloudkey.crt contains both our new certificate and the CA certificate),​ and copy the files: 
 +<​code>#​ mv ~/​cloudkey.crt . 
 +# mv ~/​signed.crt . 
 +# openssl pkcs12 -export -in signed.crt -inkey cloudkey.key -certfile cloudkey.crt -out unifi.p12 -name unifi -password pass:​aircontrolenterprise 
 +# keytool -importkeystore -srckeystore unifi.p12 -srcstoretype PKCS12 -srcstorepass aircontrolenterprise -destkeystore unifi.keystore.jks -storepass aircontrolenterprise 
 +# rm signed.crt unifi.p12 
 +# tar cf cert.tar cloudkey.crt cloudkey.key unifi.keystore.jks 
 +# chown root:​ssl-cert cloudkey.crt cloudkey.key unifi.keystore.jks cert.tar 
 +# chmod 640 cloudkey.crt cloudkey.key unifi.keystore.jks cert.tar 
 +# /​etc/​init.d/​nginx restart; /​etc/​init.d/​unifi restart 
 +</​code>​ 
 +~~NOTOC~~
tips/networking/unifi_ssl_cert.txt · Last modified: 2018/05/09 15:27 by mattieu