Monday, 20 February 2023

SSL Certificate on UDM-PRO 2.4.x

 

To get some SSL certs onto a UDM-PRO (V2.4.27)

copy the SSL certificate for the host (generated or bought) and the key file to:

/data/unifi-core/config/unifi-core.crt
/data/unifi-core/config/unifi-core.key
reboot

Then for the Guest Portal a Java Keystore file is used.

password for keystore
aircontrolenterprise
openssl pkcs12 -export -in /data/unifi-core/config/unifi-core.crt -inkey /data/unifi-core/config/unifi-core.key -out unifi.p12 -name unifi -caname root
and then import the keystore

keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /usr/lib/unifi/data/keystore -srckeystore unifi.p12 -srcstoretype PKCS12 -srcstorepass aircontrolenterprise -alias unifi
and just to make sure reboot 

reboot

Then to ensure the Guest portal redirect correctly to the DNS record and not the IP address.














Set the "Profiles" > "Guest Hotspot" > "Advanced" to:
1: Manual
2: Ensure HTTPS Redirection is on
3: Redirect Using Hostname 
4: insert the FQDN of the UDM-PRO (or matching Certificate name that can resolve)