Securing Ubiquiti UniFi Cloud Key with Let’s Encrypt SSL and automatic dns-01 challenge

  • I have a similar setup on my Cloud Key but, every time I reboot it, the controller service decides that the keystore is invalid, at which point it deletes it and generates a new one. Is this happening to you as well?

    • I have rebooted the UCK twice and it survived the reboot. As far as I understand, the contents are only replaced in the folder if the contents of the /etc/ssl/private/cert.tar are different to the files in that folder.

      I will retest this over the weekend. In the worst case you could always hook the /root/.acme.sh/cloudkey-renew-hook.sh into the reboot process if this is an issue. If you are not on the latest FW / Controller version, perhaps that could be an issue.

    • This weekend I reshuffled my UBNT gear and in the process have rebooted switches and UCK several times – the keystore survived all reboots.