Unifi controller ssl certificate
![unifi controller ssl certificate unifi controller ssl certificate](https://edledge.com/wp-content/uploads/2021/08/Certifiate-Error.jpg)
ca-chain.crt (intermediate certificate chain in PEM format, NOT including the root CA).I purchased a SSL certificate for, so I started with the following files: In good news, it’s pretty simple to replace the SSL certificate used by the UniFi application server. This might be OK for a local (LAN) deployment if you’re willing to put up with browser warnings, but is definitely a faux pas for a hosted controller. The UniFi controller package ships with a self-signed SSL certificate by default. This is a good time to set up a DNS CNAME for your instance (i.e CNAME .com) and purchase an SSL certificate for that domain. After all, you probably aren’t interested in purchasing an SSL certificate for the domain .com. The rest of this walkthrough only makes sense if you have a ‘pretty’ DNS name to use for your new controller instance. You should now be able to connect to the controller UI via your browser at and complete the first-run setup wizard for the UniFi controller. Also, if you choose the unifi3 channel, you’ll likely have to modify the target of JAVA_HOME in /etc/init.d/unifi, as they hardcoded an obsolete path to the JVM. Note that UniFi Switch and UniFi Security Gateway products are only supported by the unifi4 version of the controller ( 4.x series). Sudo apt-key adv -keyserver -recv C0A52C50ĮDIT : Ubiquiti repo channels unifi-beta and unifi-rapid have been renamed to unifi4 (stable) and unifi3 (oldstable). com) and connect to it via SSH.Įcho 'deb unifi4 ubiquiti' | sudo tee /etc/apt/sources.list Once your new instance has booted, find the host name (e.g. I created a t2.micro instance using the official Ubuntu 14.04 AMI, making sure to assign the unifi-controller security group to the instance. You should restrict the inbound traffic sources to networks where you have deployed UniFi equipment that will talk to the controller.Ĭreate a new EC2 instance. UDP 3478 (STUN for UniFi AP management).TCP 8843 (UniFi guest portal HTTPS port).TCP 8880 (UniFi guest portal HTTP port).TCP 8443 (UniFi controller UI/API port).TCP 8081 (UniFi management/shutdown port).
![unifi controller ssl certificate unifi controller ssl certificate](https://test951575525.files.wordpress.com/2020/09/unifi_docker_traefik.jpg)
I created a group called unifi-controller that allows inbound traffic to the following ports. If you’re new to AWS, Amazon has a nice tutorial for creating an EC2 instance.Ĭreate a new EC2 security group that opens inbound access to all necessary UniFi ports. I assume that you have some familiarity with AWS - demonstrating security group and instance creation is outside the scope of this walkthough. secure the controller and nginx proxy with our own SSL certificate.configure nginx as a reverse proxy (to preserve the native port mapping that ships with the controller).
Unifi controller ssl certificate install#