Using SSL certificates with unifi cloudkey or UDM Pro the easy way

2020-07-12

In short, you can access your UDM Pro with https://unifi.local and make the security warning go away.

I have been using my unifi hardware for some time at home now and I love it. The one thing that kept being annoying is accessing the cloudkey software over SSL. It always returning this warning:

And if you approved and continued you still got this icon in your browser:

I was reading Scott Helme’s blogpost how to setup SSL. Sounded like work and I wasn’t sure if that would survive an cloudkey upgrade.

What I noticed when I double clicked the cert when accessing my UDM Pro dashboard:

So the CK certs is for https://unifi.local when I tried that address I got a warning the CA wasn’t trusted.

I SSHed into my cloudkey and navigated to /mnt/data/unifi-os/unifi-core/ and found the unifi-core.cer file. I copied that to my machine and double clicked it. You can copy the file to your machine by using this command:

scp root@192.168.1.1:/mnt/data/unifi-os/unifi-core/config/unifi-core.crt .

Double click on the crt file (on Windows) and click on install certificate:

Select local machine:

and select the Trusted Root Certification Authorities store:

From now on, navigating to https://unifi.local won’t give you a warning. You might want to add the entry in your DNS if it doesn’t resolve. I added it to my pihole just in case.

On every machine you want to administrate your unifi network you have to add the crt file.