So you have a Ubiquiti Dream Machine Pro (UDM pro) box, and you want to install SSL certificates?
This goes for the OS Version 3.2+
This is quite straightforward in a few single steps.
- Enable SSH login in the machine.
- Connect by SSH using “admin” and your password to the machine.
- do a
cd /data/unifi-core/config
- In there, do a backup:
tar zcvf backup.tgz *
and download this file (sftp / scp).
scp [email protected]:/data/unifi-core/config/backup.tgz . - in there, you should find the following files:
unifi-core-direct.crt
unifi-core-direct.key
unifi-core.crt
unifi-core.key
- Make a copy of your SSL key, and rename it as unifi-core.key and unifi-core-direct.key
- Create a new file called unifi-core.crt, and in this file, you copy in your certificate
followed by the root CA bundle from your certificate issuer, such as :
<certificate_file>
<bundle_file>
and save it, then copy the file unifi-core.crt to unifi-core-direct.crtHere’s the command line steps to create the files for all above:
cat cert.key > unifi-core.key
cat cert.key > unifi-core-direct.key
cat cert.pem > unifi-core.crt
echo "" >> unifi-core.crt
cat cert.ca-bundle.pem >> unifi-core.crt
cp unifi-core.crt unifi-core-direct.crt
- Upload the files (sftp/scp) to the folder /data/unifi-core/config
scp unifi-core-* [email protected]:/data/unifi-core/config/
- On your UDM pro, issue the command:
systemctl restart unifi-core
You should now be able to connect to the machine using the https and certificate.
Note that you may need to point out the address in your DNS, or add the IP in your lmhosts/hosts file,
such as192.168.0.1 gw.<domain.tld>
That should be it, and you should have a working SSL certificate on the box.
Note that updates of the OS, may reset the files, so keep them handy.
Good luck!