Unifi controller will by default use its self-signed certificate to secure the connection, causing the web browser to flash up with insecure connection.
To prevent this, you need to add your own custom certificate to the controller. Continue reading the article to see how to install an SSL certificate on Unifi-Controller.
Generate CSR code or SSL Certificate
The Certificate Signing Request, or simply CSR, is a block of encoded text with your contact details such as domain and company identity. To receive an SSL Certificate, every applicant must generate a CSR code and send it to the Certificate Authority (CA) for validation. In my case I have already purchased a valid certificate from Comodo SSL authority.
SSL Certificate installation on Unifi-Controller
If you have purchased an SSL certificate from a trusted Authority it will provide you .crt files, but to install it to Unifi you need a .PFX file of that certificate.
Follow below steps to export certificate in .PFX format:
Note: File name is very important, make sure you are using it as suggested. As if it is asking for password while saving it use “aircontrolenterprise”.
certutil -repairstore my “Certificate Serial Number”
Certutil.exe is a command-line program, installed as part of Certificate Services. You can use certutil.exe to dump and display certification authority (CA) configuration information, configure Certificate Services, backup and restore CA components, and verify certificates, key pairs, and certificate chains.