Official Lets Encrypt Support for HTTPS

Submitted by -
Status: Accepted

Rather than self-signed certs, web-exposed controllers should have the ability to grab and automatically maintain a Let's Encrypt cert as a one-click solution.

 

Forum thread: http://community.ubnt.com/t5/UniFi-Wireless/Lets-Encrypt-and-UniFi-controller/m-p/1406670#M131139

Comments
by
on ‎10-11-2018 05:43 AM

@RIA-Wieckhorst that is pretty much what I am doing, and when looking in /usr/lib/unifi/data/keystore I can also see LetsEncrypt getting mentioned, but after restarting the controller, it still isn't using it.

by
on ‎10-11-2018 05:50 AM

@mikeydk "pretty much" is some times just a step away from "the same", so maybe you give it a try. I also had another way of doing this before and while it worked in 5.8.xx i am sure it would not work in 5.9.xx, but this cloudkey-renew-hook.sh script works 1:1 for me.

by
on ‎10-11-2018 06:04 AM

@RIA-Wieckhorst I found the solution here https://community.ubnt.com/t5/UniFi-Wireless/Lets-Encrypt-on-Hosted-Controller/m-p/2524498/highlight... only difference is the alias, but apparently that seems to have been the problem Man Happy

by
2 weeks ago

 Another +1 and we close in on 2019 and 3 years of asking for this. Better core security should be one of the highest priorities for UniFi, and ever more so with each passing month. Please throw us a bone here!

by
2 weeks ago

Where, oh where, Ubiquiti are our improvements?

by
2 weeks ago
@mikeydk i just succesfully deployed the LE certificate on local only controller using dns challenge. i followed this great manual https://community.ubnt.com/t5/UniFi-Wireless/How-To-Let-s-Encrypt-with-Cloud-Key-and-DNS-Challenge/t...
by
a week ago

All,

 

I've started the Easy UBNT project to help make setup of things like Let's Encrypt easier. You can safely run this script on an existing controller and get the benefit of a Let's Encrypt cert, it will add pre/post script hooks to automatically import the LE cert into the UniFi keystore upon renewal.

 

Check it out here:

 

https://community.ubnt.com/t5/UniFi-Wireless/Easy-UBNT-Install-Update-and-Secure-the-UniFi-SDN-Contr...

 

And view the source on GitHub:

 

https://github.com/sprockteam/easy-ubnt

 

--

Klint