Re: I have achieved PARTIAL SUCCESS in installing Godaddy SSL Certificate in UniFi Cloud Key Gen 2 Plus
On Wed, 26 Oct 2022 at 05:34, Stefan Monnier wrote: > > I always contact the manufacturer of the screws used in the products > > I buy rather than the company who assembled the product using > > said screws. > > Indeed, Ubiquity uses Debian as part of their devices a bit like other > companies use screws. Except AFAIK they don't use Debian as-is, so > getting good help directly from Debian is yet a bit harder. > > > Stefan > > Noted. Mr. Turritopsis Dohrnii Teo En Ming Targeted Individual in Singapore
Re: I have achieved PARTIAL SUCCESS in installing Godaddy SSL Certificate in UniFi Cloud Key Gen 2 Plus
On Wed, 26 Oct 2022 at 04:54, chris wrote: > I always contact the manufacturer of the screws used in the products I buy > rather than the company who assembled the product using said screws. > > :) > Lol I don't understand. Regards, Mr. Turritopsis Dohrnii Teo En Ming Targeted Individual in Singapore
Re: I have achieved PARTIAL SUCCESS in installing Godaddy SSL Certificate in UniFi Cloud Key Gen 2 Plus
On Wed, 26 Oct 2022 at 04:31, Kushal Kumaran wrote: > On Tue, Oct 25 2022 at 09:56:50 PM, Turritopsis Dohrnii Teo En Ming < > tdtemc...@gmail.com> wrote: > > Subject: I have achieved PARTIAL SUCCESS in installing Godaddy SSL > > Certificate in UniFi Cloud Key Gen 2 Plus > > > > Good day from Singapore, > > > > I am posting here because UniFi Cloud Key Gen 2 Plus is powered by Debian > > GNU/Linux 9. > > > > You should contact ubiquiti support, since they're the actual experts on > the hardware and software they've sold you. > > Start here https://help.ui.com/hc/en-us > > If you can't find what you need in their documentation and other > articles there, go to https://account.ui.com/mysupport to speak to > support personnel. > > You'll have much better chances of actually solving problems that way. > It would require a unifi expert (or possible, advanced unifi users) to > know how ubiquiti have modified debian for their hardware. There is a > non-zero chance such people are present on debian-user, but why not make > use of the support you've presumably paid for? > > > > > -- > regards, > kushal > > Hi Kushal, Thank you for your reply. I have posted my question in Ubiquiti UniFi community forums too. If need be, I will contact Ubiquiti technical support directly. Regards, Mr. Turritopsis Dohrnii Teo En Ming Targeted Individual in Singapore
Re: I have achieved PARTIAL SUCCESS in installing Godaddy SSL Certificate in UniFi Cloud Key Gen 2 Plus
> I always contact the manufacturer of the screws used in the products > I buy rather than the company who assembled the product using > said screws. Indeed, Ubiquity uses Debian as part of their devices a bit like other companies use screws. Except AFAIK they don't use Debian as-is, so getting good help directly from Debian is yet a bit harder. Stefan
Re: I have achieved PARTIAL SUCCESS in installing Godaddy SSL Certificate in UniFi Cloud Key Gen 2 Plus
I always contact the manufacturer of the screws used in the products I buy rather than the company who assembled the product using said screws. :) - chris On Tue, Oct 25, 2022 at 1:31 PM Kushal Kumaran wrote: > On Tue, Oct 25 2022 at 09:56:50 PM, Turritopsis Dohrnii Teo En Ming < > tdtemc...@gmail.com> wrote: > > Subject: I have achieved PARTIAL SUCCESS in installing Godaddy SSL > > Certificate in UniFi Cloud Key Gen 2 Plus > > > > Good day from Singapore, > > > > I am posting here because UniFi Cloud Key Gen 2 Plus is powered by Debian > > GNU/Linux 9. > > > > You should contact ubiquiti support, since they're the actual experts on > the hardware and software they've sold you. > > Start here https://help.ui.com/hc/en-us > > If you can't find what you need in their documentation and other > articles there, go to https://account.ui.com/mysupport to speak to > support personnel. > > You'll have much better chances of actually solving problems that way. > It would require a unifi expert (or possible, advanced unifi users) to > know how ubiquiti have modified debian for their hardware. There is a > non-zero chance such people are present on debian-user, but why not make > use of the support you've presumably paid for? > > > > > -- > regards, > kushal > >
Re: I have achieved PARTIAL SUCCESS in installing Godaddy SSL Certificate in UniFi Cloud Key Gen 2 Plus
On Tue, Oct 25 2022 at 09:56:50 PM, Turritopsis Dohrnii Teo En Ming wrote: > Subject: I have achieved PARTIAL SUCCESS in installing Godaddy SSL > Certificate in UniFi Cloud Key Gen 2 Plus > > Good day from Singapore, > > I am posting here because UniFi Cloud Key Gen 2 Plus is powered by Debian > GNU/Linux 9. > You should contact ubiquiti support, since they're the actual experts on the hardware and software they've sold you. Start here https://help.ui.com/hc/en-us If you can't find what you need in their documentation and other articles there, go to https://account.ui.com/mysupport to speak to support personnel. You'll have much better chances of actually solving problems that way. It would require a unifi expert (or possible, advanced unifi users) to know how ubiquiti have modified debian for their hardware. There is a non-zero chance such people are present on debian-user, but why not make use of the support you've presumably paid for? > -- regards, kushal
I have achieved PARTIAL SUCCESS in installing Godaddy SSL Certificate in UniFi Cloud Key Gen 2 Plus
Subject: I have achieved PARTIAL SUCCESS in installing Godaddy SSL Certificate in UniFi Cloud Key Gen 2 Plus Good day from Singapore, I am posting here because UniFi Cloud Key Gen 2 Plus is powered by Debian GNU/Linux 9. I have found many reference guides on installing SSL certificate in UniFi Cloud Key. Please refer to the following list. [1] How to install a SSL Certificate on Unifi Cloud Key Link: https://community.ui.com/questions/How-to-install-a-SSL-Certificate-on-Unifi-Cloud-Key/944dbbd6-cbf6-4112-bff5-6b992fcbf2c4#:~:text=Rename%20your%20purchased%20SSL%20certificate,Upload%20to%20Cloud%20Key%E2%80%9D%20folder.=Before%20we%20restart%20our%20Cloud,your%20SSL%20certificate%20is%20installed [2] How to install an SSL Certificate on Unifi Cloud Key? Link: https://www.ssldragon.com/blog/install-ssl-certificate-on-unifi-cloud-key/ [3] Protect the UniFi Cloud Key with a custom SSL certificate Link: https://clemens.ms/protect-the-unifi-cloud-key-with-a-custom-ssl-certificate/ [4] Deploy dehydrated generated certificate to Unifi controller Link: https://gist.github.com/jrotello/18ab3e1982d46b04a269dfbc63aa097f [5] How to quickly setup SSL certificate on Unifi Cloud Key Link: https://community.ui.com/questions/How-to-quickly-setup-SSL-certificate-on-Unifi-Cloud-Key/d991c17f-d7e0-4778-be83-f2a91c47bc63 [6] Unable to import the certificate into keystore Link: https://community.ui.com/questions/Unable-to-import-the-certificate-into-keystore/c9a42223-1d36-40bf-954a-059508d52263 However, only 2 reference guides worked for me. They are: [A] How to quickly setup SSL certificate on Unifi Cloud Key (Java method) Link: https://community.ui.com/questions/How-to-quickly-setup-SSL-certificate-on-Unifi-Cloud-Key/d991c17f-d7e0-4778-be83-f2a91c47bc63 [B] Unable to import the certificate into keystore Link: https://community.ui.com/questions/Unable-to-import-the-certificate-into-keystore/c9a42223-1d36-40bf-954a-059508d52263 I shall detail my attempts at following the instructions below. It is not possible to install SSL certificate in the UniFi Cloud Key using Web GUI at all. The only way to do it is through the Command Line Interface (CLI). There is no other way out. 1st Attempt FAILED - following the guide at https://www.ssldragon.com/blog/install-ssl-certificate-on-unifi-cloud-key/ == openssl genrsa -out /etc/ssl/private/cloudkey.key 2048 openssl req -new -batch \ -subj "/C=SG/ST=Singapore/L=Singapore /O=Teo-En-Ming-Corporation/OU=IT/CN=cloudkey.teo-en-ming-corp.com /emailAddress=c...@teo-en-ming-corp.com" \ -key /etc/ssl/private/cloudkey.key \ -out /etc/ssl/private/cloudkey.csr Upload the primary SSL certificate cloudkey.crt to /root cp /root/cloudkey.crt /etc/ssl/private/ openssl pkcs12 -export -in /etc/ssl/private/cloudkey.crt -inkey /etc/ssl/private/cloudkey.key -out /etc/ssl/private/cloudkey.p12 -name unifi -password pass:temppass keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /usr/lib/unifi/data/keystore -srckeystore /etc/ssl/private/cloudkey.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi Importing keystore /etc/ssl/private/cloudkey.p12 to /usr/lib/unifi/data/keystore... Existing entry alias unifi exists, overwrite? [no]: yes Warning: The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore /usr/lib/unifi/data/keystore -destkeystore /usr/lib/unifi/data/keystore -deststoretype pkcs12". keytool -importkeystore -deststorepass temppass -destkeypass temppass -destkeystore /usr/lib/unifi/data/keystore -srckeystore /etc/ssl/private/cloudkey.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi Importing keystore /etc/ssl/private/cloudkey.p12 to /usr/lib/unifi/data/keystore... keytool error: java.io.IOException: Keystore was tampered with, or password was incorrect mkdir /root/backup mv cloudkey.csr /root/backup/ mv cloudkey.p12 /root/backup/ tar -cvf cert.tar * chown root:ssl-cert /etc/ssl/private/* chmod 640 /etc/ssl/private/* apt-get install nano cp /etc/default/unifi /root/backup/ nano /etc/default/unifi UNIFI_SSL_KEYSTORE=/etc/ssl/private/unifi.keystore.jks cd /etc/ssl/private cp cloudkey.crt /usr/lib/unifi/ cd /root cp gd_bundle-g2-g1.crt /usr/lib/unifi/ cd /usr/lib/unifi root@Teo-En-Ming-Corporation:/usr/lib/unifi# java -jar lib/ace.jar import_cert cloudkey.crt gd_bundle-g2-g1.crt Unable to import the certificate into keystore root@Teo-En-Ming-Corporation:/usr/lib/unifi# java -jar lib/ace.jar import_cert cloudkey.crt Unable to import the certificate into keystore cd /root/backup/ cp cloudkey.p12 /usr/lib/unifi cd /usr/lib/unifi root@Teo-En-Ming-Corporation:/usr/lib/unifi# java -jar lib/ace.jar import_cert cloudkey.p12 Unable to import the certi