Orbits IT

Ubiquiti Unifi Controller – SSL Certificate Install/Renew on Windows

Every year we go through the renewal process for our self hosted Ubiquiti Unifi Controller SSL certificate – and every year it nearly sends me over the edge! This year to assist our future selves and hopefully some of you, I’ve documented the process!

First off you need a couple of tools:

Keystore Explorer

DigiCertUtil

  1. Run the DigiCert Util first, create a CSR and save it.
  2. Use the CSR just created to go buy a legit cert – we use SSL2Buy
  3. Import your new cert into the DigiCert Util.
  4. Export the cert, including the private key, using the default settings:
  5. When it asks for a password for the export use “aircontrolenterprise”
  6. Open up Keystore Explorer, and open up the
  7. “%UNIFI_BASE%\data\keystore” file.  Use “aircontrolenterprise” as the password.
  8. From the “Tools” menu, choose “Import Key Pair”.  The default option of PKCS #12 should be fine.
  9. Use “aircontrolenterprise” as the Decryption Password, and browse to the location of the file you created in Step 4.
  10. When Prompted for a “New Key Pair Alias”, change it to “unifi” and click OK.
  11. You will be prompted to overwrite the existing alias.  Click “Yes”.
  12. From the File menu, choose Save.
  13. Close Keystore Explorer
  14. Restart the Unifi softwareBoom job done for another year!
Follow us

A quick overview of the topics covered in this article.

Latest articles