Valid SSL certificate on a UDR


I recently got a Unifi Dream Router as an upgrade from the Unifi Security Gateway.

One of the differences is that the controller is hosted on the router itself, i quite often use the local access as opposed to going via unifi.ui.com. Since this is exposed locally on 443, i wanted to be able to access it without errors regarding invalid SSL certificates.

I found it was quite easy to provide a valid SSL certificate. I already have a wildcard certificate or *.gsellis.com, so I set a hostname in the internal DNS, and then copied over the wildcard cert and key to the UDR:

 scp privkey.pem fullchain.pem root@192.168.5.1:/tmp/

Then SSH into the UDR using credentials set in the controller, and navigate to /data/unifi-core/config and replace unifi-core.crt with fullchain.pem and unifi-core.key with privkey.pem. Once done you can restart the UI with:

systemctl restart unifi-core

And then navigate to the DNS name you set earlier and hopefully see a valid certificate:

Obviously this will need replacing each time the certificate expires, though i hope to setup a custom configuration in acme.sh to handle this.


Leave a Reply

Your email address will not be published.