I pulled together a few scripts and sites and found a simpler path to get Let’s Encrypt working on the Unifi Controller.
Pre-requisites:
- Port 443 opened on the box
- Unifi 5.10 or newer. May work on older installs but no guarantees.
- Ubuntu 16.04 or newer. May work with older installs but no guarantees.
Now the quick how-to:
After connecting to the server via SSH, run the following:
wget https://util.wifi.gl/unifi-import-cert.sh
mkdir -p /etc/letsencrypt/renewal-hooks/post/
cp ./unifi-import-cert.sh /etc/letsencrypt/renewal-hooks/post/
chmod u+x /etc/letsencrypt/renewal-hooks/post/unifi-import-cert.sh
wget https://dl.eff.org/certbot-auto
chmod u+x ./certbot-auto
./certbot-auto certonly
/etc/letsencrypt/renewal-hooks/post/unifi-import-cert.sh
If prompted to enter any information, use option 1 to set up a temporary web server for the challenge and enter your unifi.domain.tld hostname (this must have a DNS record that is available external to your network).
This should get you going. Now we just need to schedule the renewal of the certificate on a monthly basis. To do this, we’ll do the following:
Open the crontab with crontab -e
Enter this line:
0 0 1 * * ./certbot-auto renew
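Save the crontab and you should be ready to go. Cron starts jobs in the user’s home directory, so ./certbot-auto resolves only if the script was downloaded there; otherwise use its full path in the crontab line.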
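The timing of that monthly job against a 90-day certificate, as an added example that is not part of the original post. It assumes whole days, non-leap years, and certbot's default of renewing only when fewer than 30 days of validity remain; the function names are made up for the illustration.

```shell
#!/bin/sh
# Simplified model (assumptions): 90-day certificate lifetime, renewal only
# when fewer than 30 days remain, cron firing on day 1 of each month
# as in "0 0 1 * *". All times are whole days, non-leap years.
LIFETIME=90
RENEW_WINDOW=30
# Day offsets (Jan 1 = 0) of every 1st of the month across two years.
RUN_DAYS="0 31 59 90 120 151 181 212 243 273 304 334
365 396 424 455 485 516 546 577 608 638 669 699"

# margin_at_renewal ISSUE_DAY
# Prints the days of validity left at the first monthly run that meets the
# renewal condition. Zero or negative: the certificate expired first.
margin_at_renewal() {
    issue=$1
    expiry=$((issue + LIFETIME))
    for run in $RUN_DAYS; do
        if [ "$run" -gt "$issue" ]; then
            left=$((expiry - run))
            if [ "$left" -lt "$RENEW_WINDOW" ]; then
                echo "$left"
                return 0
            fi
        fi
    done
    return 1
}

# worst_margin
# Prints the smallest margin over every possible issue day in one year.
worst_margin() {
    worst=$LIFETIME
    day=0
    while [ "$day" -lt 365 ]; do
        m=$(margin_at_renewal "$day")
        if [ "$m" -lt "$worst" ]; then
            worst=$m
        fi
        day=$((day + 1))
    done
    echo "$worst"
}

echo "issued Mar 1: $(margin_at_renewal 59) days left at renewal"
echo "issued May 2: $(margin_at_renewal 121) days left at renewal"
echo "worst case:   $(worst_margin) days left at renewal"
```

A result of zero or below means the certificate expired before the run that would have renewed it. Certbot's documentation recommends running renew twice a day, which costs nothing because the command takes no action until the 30-day window opens.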