Cloud Key UniFi SSL Certificate Installation

แชร์
ฝัง
  • เผยแพร่เมื่อ 24 ธ.ค. 2024

ความคิดเห็น • 49

  • @demonmaestro
    @demonmaestro 5 ปีที่แล้ว +4

    Does this still work with the Gen2 cloudkey and can we get a video with LetsEncrypt?

  • @AllYouWantAndMore
    @AllYouWantAndMore 7 ปีที่แล้ว +9

    ok... super duper please... please, please... make a video on CLOUDkey Let's Encrypt SSL installation, with bot for autoupdate, since let's Encrypt only lasts like 7 days.

  • @garrettlewis9627
    @garrettlewis9627 6 ปีที่แล้ว +2

    I think you should update the last part of the Google doc so it doesn't have the last bit of commands out of order, and so it's actually complete and not dropping off before the end.
    Other than that, great tutorial. Thanks!

  • @toysareforboys1
    @toysareforboys1 7 ปีที่แล้ว

    Grats on 7500! :)

  • @KyleRiley721
    @KyleRiley721 4 ปีที่แล้ว

    @Willie Howe, can you do an update to this video for the cloud key and maybe even the UDM-Pro?

  •  7 ปีที่แล้ว +2

    Perfect description. worked in first try for me (without the bug you seen at last)
    one queston: is the full procedure needed again, if the cloudkey/unifi gets an update?
    greetings from germany

  • @4SquareHI
    @4SquareHI 3 ปีที่แล้ว

    I have several UniFi-CloudKey-Gen2-Plus's in production and would like to do the same. Also I upgraded to the latest firmware that uses Unifi-OS. Will these steps work for that along with the Unifi-Protect side?

  • @davidlenihan4124
    @davidlenihan4124 5 ปีที่แล้ว

    Thanks again for making these video's. I am trying to install the certificate and the save activation part (about (9:30 into the video) does not have a past part. You download the txt file. Can you provide any assistance? Thanks

  • @bjazi085
    @bjazi085 4 ปีที่แล้ว

    You are awesome. This worked for me on Unif controller Gen2+. However, I had to adjust the .crt files by removing the spaces and make them in one line.

    • @jaypatel6441
      @jaypatel6441 4 ปีที่แล้ว

      Jonathan Cassar hi. Is there a way you could help me with this please?

  • @michaeldrankin
    @michaeldrankin 4 ปีที่แล้ว

    Great video! Does the same method work for the UDM?

  • @NielsBasjes
    @NielsBasjes 6 ปีที่แล้ว

    Thanks for the clear video.
    Two things:
    1) I ran into the issue that I got this error:
    nginx: [emerg] SSL_CTX_use_PrivateKey_file("/etc/ssl/private/NBA-cloudkey.key") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)
    It turns out that the ORDER in which you combine the certificates matters (I didn't know that before).
    2) What happens when you upgrade the cloud-key to the next version? I changing the nginx config file a good idea (or do those get wiped)?

  • @handpuppe
    @handpuppe 5 ปีที่แล้ว

    Question... where you add the address record... thats a local tool correct? I mean I can add a A record on my domain console.. but not point it to my local addresses...just my public ip.

  • @MagnusWiborn
    @MagnusWiborn 6 ปีที่แล้ว

    Hi Willie. Great video. In CloudKey ver 0.8.10 and Unifi Controller v 5.6.30, the CSR gets created in directory /usr/lib/unifi/data.

  • @blockheads88
    @blockheads88 7 ปีที่แล้ว

    Do you have instructions on how to get a cert onto Unifi video? It looks unifi controller locations may be a little different.. This video may be similar to that will take a look but if you know for that would be great.

  • @ikkuranus
    @ikkuranus 7 ปีที่แล้ว

    I assume you don't host any customer sites on your controller or none of them require admin access to their own site on your controller?

  • @PhildeVerges
    @PhildeVerges 6 ปีที่แล้ว

    Thanks for the guide, I had to split the ca-bundle file into individual .crt files but it was a simple process after following these steps.

  • @michaelkalsina3285
    @michaelkalsina3285 7 ปีที่แล้ว +1

    Hey Willie keep up the good work Love watching you UBNT how too Videos Just completed the SSL cert on CloudKey Video although In practice in failed when I got to the Last part of the Video starting at the Cat.... Command it returns a response of (Input=Output) is this meant to happen?? Any help would be Greatly Appreciated

  • @User-uk1bs
    @User-uk1bs 7 ปีที่แล้ว +3

    Excellent video! I was able to successfully install the certificate on my cloudkey.
    However I still have certificate problems on the guest portal.
    When users try to connect to the guest network with an android device, chrome automatically opens with google.com, the guest's browser is expecting certificates from google, where we cannot spoof, and leads to certificate error, before being redirected to the guest portal that has a valid certificate. Is it possible to solve this?

  • @philparker3934
    @philparker3934 6 ปีที่แล้ว

    Hi Willie. Thanks for a great video. How about a video on local resolving DNS internally with a Synology NAS?

  • @matthewtangreti3874
    @matthewtangreti3874 7 ปีที่แล้ว

    So whenever I copy the cert code into the activation terminal it repeatedly tells me that I am using the wrong form of the country code even though I type US not USA as the country code is there a specific way you have to do it if your town is two words vs one word.

  • @jashanjp87
    @jashanjp87 6 ปีที่แล้ว

    Hey Willie, i followed your instructions however now i'm getting ERR_SSL_PROTOCOL_ERROR. would you have any clue as to what could be causing this? cheers

  • @BunroyPark
    @BunroyPark 7 ปีที่แล้ว

    Hey, sorry for my lack of knowledge - but how to you save once you have commented out the UNIFI_SSL_KEYSTORE=/etc/ssl/private/unifi.keystore.jks. is there a keyboard shortcut. I have the get help, write out etc... at the bottom of the cmd, just not sure what to do. cheers.

    • @StephenMcMahonJ
      @StephenMcMahonJ 7 ปีที่แล้ว

      Sounds like you have nano already but going to start from installing nano for anyone else
      apt-get update
      apt-get install nano
      nano /etc/default/unifi
      edit comment out by placing a # in front as the 1st character
      ctrl + o = "writeout" to save
      Return/enter key -- it's asking to confirm the file name
      ctrl + x = exit
      das it

  • @mikemikle1
    @mikemikle1 7 ปีที่แล้ว

    If I do not need to make any changes on Ubiquiti equipment after configuration, do i need to have controller software of unifi cloud key running all the time? Do Ubiquiti equipment work after configuration, if they do not have a unifi cloud key or controller software running all the time, or I need the software or unifi cloud key in order to run any Ubiquiti devices?

  • @gerrytessier2057
    @gerrytessier2057 6 ปีที่แล้ว

    Works great with IE/Edge. However, Chrome and Firefox throw cert errors because of the cert missing a "Subject Alternative Name". Some time ago, Chrome and Firefox decided to validate against the SAN as opposed to the Common Name. Is there a tweak to the command that I can use for the CSR so that I can include the SAN?

    • @gerrytessier2057
      @gerrytessier2057 6 ปีที่แล้ว

      One important detail: I used a Microsoft CA (AD CS) to create the certificate using the web server template.

  • @arthurvdvelde
    @arthurvdvelde 7 ปีที่แล้ว

    Thanks for the video and with the 8000+ subscribers. I have a question, has something changed with the v5.4.11 / v0.6.2 version? or is it just me :(
    I get this while breaking the link:
    root@UniFi-CloudKey:~# rm /usr/lib/unifi/data/keystore && cp /etc/ssl/private/unifi.keystore.jks /usr/lib/unifi/data/keystore
    rm: cannot remove '/usr/lib/unifi/data/keystore': No such file or directory
    Thanks,
    Arthur

  • @adminpaulo6361
    @adminpaulo6361 4 ปีที่แล้ว

    Hello, first I would like to thank you for this video that helped me a lot, I managed to work with two cloudkeys with SSL at the beginning of January 2020 perfectly, but now the steps that are in this video are no longer useful, I don't know how it changed but I can't do it anymore the cloudkey with SSL, even taking spaces and line breaks of the certificates. Please make a new video for cludkey with SSL. Thank you in advance.

  • @RaymondSigar
    @RaymondSigar 6 ปีที่แล้ว

    How do I install the cert by using dynamic dns from google domain? Is it possible?

  • @anthonybastian4260
    @anthonybastian4260 7 ปีที่แล้ว

    in 5.6.22 it doesn't seem to have the /var/lib/unifi folder anymore. Cant find the .pem files

  • @AllYouWantAndMore
    @AllYouWantAndMore 7 ปีที่แล้ว

    thank you for clarifying Sudo

  • @philipedwards7529
    @philipedwards7529 7 ปีที่แล้ว

    In 5.4.15-9230 the CSR files are created in /srv/unifi/data
    Just a heads up

  • @s2branc
    @s2branc 7 ปีที่แล้ว

    How about using a wildcard certificate I have already obtained for my domain?

    • @juljanicki
      @juljanicki 5 ปีที่แล้ว

      Same here. We've obtained a wildcard cert for our domain and I'd like to use it. Don't know exactly which files should be generated for the crts. Can you extract it from the pf12 file?

  • @BrandonGonzalez-kn6yu
    @BrandonGonzalez-kn6yu 5 ปีที่แล้ว

    Does this still work for 5.12?

  • @emck68
    @emck68 7 ปีที่แล้ว

    I am getting an error when i try to import the key "unable to import the certificate into keystore" but when I downloaded the files I only got 2 file unifi_mydomain_com.cet and unifi_mydomain_com.ca-bundle.
    I used the comand
    "java -jar lib/ace.jar import_cert unifi.mydomain.com.ctr unifi.mydomain.com.ca-bundle"

    • @joshhowell3627
      @joshhowell3627 7 ปีที่แล้ว

      I was getting the same thing, when you are getting your certs and you have the option to select apache or windows select the windows it will send you the four certs that you see in the video. (this is in the setup of the cert process on the SSLs.com site, just before you email it to yourself)After I did that I replaced the bundle with the three certs and its working.

  • @regchan
    @regchan 7 ปีที่แล้ว

    would you beable to do a windows ssl cert please thanks if this is possible

    • @philipcook7608
      @philipcook7608 7 ปีที่แล้ว

      I'm wondering about this as well.

  • @mrdubble8004
    @mrdubble8004 7 ปีที่แล้ว +1

    The issue is idiots like me failed to comprehend that you need your own DNS server for this to work, which is a completely different hurdle.

  • @pinokiopinokio79
    @pinokiopinokio79 7 ปีที่แล้ว

    Hi Everybody
    Correct me if i wrong,
    In unifi cloudekey version 5.6.22 the installation of unifi didnt work due to file not found.
    According to Willie tutorial:
    cd /usr/lib/unifi
    sudo java -jar lib/ace.jar new_cert unifi.mydomain.dom “My Company Name” City State CC*
    *(cc = 2 letter country code)
    You will enter your password and then it will create your CSR in /var/lib/unifi
    Do: more unifi_certificate.csr.pem
    I found out :
    root@UniFi-CloudKey:/usr/lib/unifi# find / -name "unifi*.csr.pem"
    /srv/unifi/data/unifi_certificate.csr.pem
    root@UniFi-CloudKey:/usr/lib/unifi#

  • @tonyreyes1441
    @tonyreyes1441 6 ปีที่แล้ว

    I need your HELP!!!!! Willie

  • @knietiefimdispo2458
    @knietiefimdispo2458 4 หลายเดือนก่อน

    Ubiquiti changes directories and config files regularly. So if you want to install a certificate you better wait until they implement it in the gui. Still waiting for that feature since 8 years. Ubiquiti certificate management is a joke.

  • @adminpaulo6361
    @adminpaulo6361 4 ปีที่แล้ว

    Does this still work for 6.0.28?