Closed magic2910 closed 4 years ago
Hm, I kind of added support just now here: https://github.com/kchristensen/udm-le/commit/9cf2df493ed11def6de86737fa7446d7ff5137f5
However as you mentioned it is annoyingly not reboot safe, and making it work on boot is going to basically mean restarting the unifi-os container at some point post reboot every time, which is kind of annoying.
I never noticed this used a different cert because I don't use the captive portal, but I'll have to think about how the best way to handle making this work post reboot and not just when a certificate gets reissued.
This is not working. I did some research - you had to create / modify a java keystore for the secure guest portal. https://www.ssls.com/knowledgebase/installing-an-ssl-certificate-on-ubiquiti-unifi/ The path for the keystore is /mnt/data/unifi-os/unifi/data/keystore Is this possible in the udm-le script?
Ok this did the trick for me:
run in unifi-os shell: java -jar /usr/lib/unifi/lib/ace.jar import_key_cert "/data/unifi-core/config/unifi-core.key" "/data/unifi-core/config/unifi-core.crt"
restart unifi-os
could you build in this in your script?
Just pushed a commit, try that on for size.
@magic2910 if you come back to this, it'd be nice to know with the changes in #8 that have been merged to master, if your workflow still continues to work. Would you mind updating your local environment to master?
Note that the udm-le.env now has a parameter to enable your desired captive portal updates, its set to not update captive portal by default.
It's working fine for me, thanks!
Woo! Going to close this guy out then, enjoy.
Unfortunately, the guest portal use the self-signed unifi certificate. Is it possible to change this also to the let's encrypt certificate?
Maybe this could help: https://community.ui.com/questions/UDM-Pro-SSL-Certificate-1-6-4/71476759-72ce-465a-ad79-5f4559312a0e#answer/49e371f2-9b3a-4e79-b9d9-63758c54242e
but it is not reboot safe.
Regards