21.11.2020 12:51, Herbert Graeber пишет:
Hi,
Am Samstag, 21. November 2020, 03:04:13 CET schrieb James Knott:
On 2020-11-20 5:45 p.m., Herbert Graeber wrote:
You need a certificate and key and add them in /etc/sysconfig/unifi.
Where would I find those?
You shall generate your own.
How do I do that?
Whatever you like. You can use pure openssl or one of the many tools built on top of it. I prefer easyrsa. Even letsencrypt will do, but thats designed for public websites and you do not want to make you unifi controller public.
It has nothing to do with providing public access to the server. It is about automatically trusting certificate because letsencrypt is trusted by browsers (and any other program that verifies certificate chain). As letsencrypt certificates are issued for a short period of time, renewing them without access to letsencrypt site form the server in question is indeed difficult to automate.