acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0

unifi.sh #1824

Open simonlock opened 6 years ago

simonlock commented 6 years ago

I've managed to create my Let's Encrypt certificates for unifi.mydomain.co.uk but cannot seem to get the unifi controller to use them. It was my understanding that the script /root/.acme.sh/deploy/unifi.sh would accomplish this for me. The comments within this script state that:

Here is a script to deploy cert to unifi server.

returns 0 means success, otherwise error.

Nothing is returned. I assume an error has occurred. Could somebody perhaps please point me in the correct direction with using this script?

Also, I am using both unifi controller and unifi-video on the same Debian box. Will this script deploy in such a way as to cater for both apps on different ports?

Thanks in advance.

simonlock commented 6 years ago

acme.sh has generated the following files

ca.cer fullchain.cer domainaname.cer domainaname.conf domainaname.csr domainaname.csr.conf domainaname.key

Could someone please explain how this script is used to deploy the generated certificates into the unifi controller? Has anyone had success using this script?

Thanks

3nth commented 5 years ago

Yes, it works for me on Ubuntu with unifi controller. Perhaps your keystore file is in a different location or uses a non-default password? The script default is /usr/lib/unifi/data/keystore and can be overridden by adding this to your conf file for your domain: DEPLOY_UNIFI_KEYSTORE="/usr/lib/unifi/data/keystore"

medmunds commented 3 years ago

@simonlock unifi.sh is an acme.sh "deploy hook". You don't run it directly; instead, you refer to it in an acme.sh deploy command. Example:

acme.sh --deploy -d "unifi.example.com" --deploy-hook unifi

(Where unifi.example.com is the domain you issued a cert for with an earlier acme.sh --issue command.)

To use the unifi deploy hook, you must be running acme.sh locally on your Unifi Controller machine. (The unifi deploy hook directly modifies the controller's keystore file.)
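
Added example, not from the thread or the acme.sh project: a preflight check for the failure modes discussed above (hook not available to acme.sh, certificate files missing, keystore in a non-default location or not writable) to run on the controller host before the deploy command. The function name `unifi_deploy_preflight` and the `<acme_home>/<domain>/` certificate directory layout are assumptions.

```shell
#!/bin/sh
# Added example (not part of acme.sh): preflight check to run on the UniFi
# Controller host before `acme.sh --deploy -d <domain> --deploy-hook unifi`.
# Assumed: the function name, and that certs live in <acme_home>/<domain>/.

unifi_deploy_preflight() {
  domain="$1"
  acme_home="${2:-/root/.acme.sh}"
  # Same default the thread gives; override with DEPLOY_UNIFI_KEYSTORE.
  keystore="${DEPLOY_UNIFI_KEYSTORE:-/usr/lib/unifi/data/keystore}"
  cert_dir="$acme_home/$domain"
  rc=0

  if [ -z "$domain" ]; then
    echo "usage: unifi_deploy_preflight <domain> [acme_home]" >&2
    return 2
  fi

  # The hook is loaded by acme.sh from deploy/; it is not run by hand.
  if [ ! -f "$acme_home/deploy/unifi.sh" ]; then
    echo "FAIL: deploy hook not found: $acme_home/deploy/unifi.sh" >&2; rc=1
  fi

  # Files produced by an earlier `acme.sh --issue` for this domain.
  for f in "$domain.key" "$domain.cer" fullchain.cer ca.cer; do
    if [ ! -s "$cert_dir/$f" ]; then
      echo "FAIL: missing or empty: $cert_dir/$f" >&2; rc=1
    fi
  done

  # The hook edits the keystore in place, so it must exist locally and be
  # writable by the user running acme.sh.
  if [ ! -f "$keystore" ]; then
    echo "FAIL: keystore not found: $keystore (set DEPLOY_UNIFI_KEYSTORE)" >&2; rc=1
  elif [ ! -w "$keystore" ]; then
    echo "FAIL: keystore not writable: $keystore" >&2; rc=1
  fi

  if [ "$rc" -eq 0 ]; then
    echo "OK: run: acme.sh --deploy -d \"$domain\" --deploy-hook unifi"
  fi
  return "$rc"
}
```

Source the file and call `unifi_deploy_preflight unifi.example.com`; a non-zero return means the deploy command would not find what it needs.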