Valid SSL certificate on a UDR


I recently got a Unifi Dream Router as an upgrade from the Unifi Security Gateway.

One of the differences is that the controller is hosted on the router itself, and I quite often use local access rather than going via unifi.ui.com. Since the controller is exposed locally on port 443, I wanted to be able to access it without invalid SSL certificate errors.

I found it was quite easy to provide a valid SSL certificate. I already have a wildcard certificate for *.gsellis.com, so I set a hostname in the internal DNS, and then copied the wildcard cert and key over to the UDR:

 scp privkey.pem fullchain.pem root@192.168.5.1:/tmp/

Then SSH into the UDR using the credentials set in the controller, navigate to /data/unifi-core/config, and replace unifi-core.crt with fullchain.pem and unifi-core.key with privkey.pem. Once done, you can restart the UI with:

systemctl restart unifi-core

And then navigate to the DNS name you set earlier and hopefully see a valid certificate.

Obviously this will need replacing each time the certificate expires, though I hope to set up a custom configuration in acme.sh to handle this.
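
A renewal helper for the steps above, as an added example that is not part of the original post: it checks that privkey.pem matches the leaf certificate in fullchain.pem and that the certificate has not expired, backs up the current files, then installs the new pair. The paths and file names are the ones used in the post; the script name and the --install flag are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Paths and file names are the
# ones the post uses; the script name and --install flag are hypothetical.

# cert_matches_key CERT KEY
# Succeeds only if the leaf (first) certificate in CERT carries the public
# key belonging to the private key in KEY.
cert_matches_key() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# install_cert SRC_DIR DEST_DIR
# Checks SRC_DIR/fullchain.pem and SRC_DIR/privkey.pem, backs up the current
# unifi-core.crt/.key in DEST_DIR, then installs the new pair.
install_cert() {
    src=$1
    dest=$2
    if ! cert_matches_key "$src/fullchain.pem" "$src/privkey.pem"; then
        echo "refusing: privkey.pem does not match fullchain.pem" >&2
        return 1
    fi
    # -checkend 0 fails if the certificate has already expired.
    if ! openssl x509 -in "$src/fullchain.pem" -noout -checkend 0 >/dev/null; then
        echo "refusing: certificate has expired" >&2
        return 1
    fi
    stamp=$(date +%Y%m%d%H%M%S)
    for f in unifi-core.crt unifi-core.key; do
        if [ -f "$dest/$f" ]; then
            cp -p "$dest/$f" "$dest/$f.bak-$stamp" || return 1
        fi
    done
    # The key is written owner-only; the certificate chain is public data.
    install -m 600 "$src/privkey.pem" "$dest/unifi-core.key" || return 1
    install -m 644 "$src/fullchain.pem" "$dest/unifi-core.crt" || return 1
    # Remove the uploaded key so no second copy is left in the staging dir.
    rm -f "$src/privkey.pem"
}

# On the UDR, after the scp step: sh install-udr-cert.sh --install /tmp
if [ "${1:-}" = "--install" ]; then
    install_cert "${2:-/tmp}" /data/unifi-core/config && systemctl restart unifi-core
fi
```

A failed check leaves the existing unifi-core.crt and unifi-core.key untouched, so the UI keeps serving the previous certificate.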


One response to “Valid SSL certificate on a UDR”

  1. As there is no comment yet: This approach works like a charm, thank you very much for the description. I tried for the first time in September and had to renew now. Everything runs perfectly.

    Best regards,
    Matthias
