On 2020-11-21 4:51 a.m., Herbert Graeber wrote:
Hi,
On 2020-11-20 5:45 p.m., Herbert Graeber wrote:
You need a certificate and key and add them in /etc/sysconfig/unifi. Where would I find those? You shall generate your own. How do I do that? Whatever you like. You can use pure openssl or one of the many tools built on top of it. I prefer easyrsa. Even letsencrypt will do, but thats designed for
Am Samstag, 21. November 2020, 03:04:13 CET schrieb James Knott: public websites and you do not want to make you unifi controller public.
I will modify my package so that it's possible to leave certificate of Ubiquiity active. That will give you a security warning and you have to confirm that the browser shall ignore that.
Herbert _______________________________________________ openSUSE Users mailing list -- users@lists.opensuse.org To unsubscribe, email users-leave@lists.opensuse.org List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette List Archives: https://lists.opensuse.org/archives/list/users@lists.opensuse.org
Can you provide a bit more info on what files go where? For example, I have found /etc/sysconfig/unifi, where I find: ## Path: Network/Unifi ## Description: Unifi controller settings ## Type: string ## Default: "/etc/ssl/servercerts/serverkey.pem" # # Key for TLS encryption UNIFI_TLS_KEY="" ## Type: string ## Default: "/etc/ssl/servercert/servercert.pem" # # Certificate for TLS encryption UNIFI_TLS_CERT="" ## Type: string ## Default: "/etc/pki/trust/anchors/YaST.pem" # # CA Certificate for TLS encryption UNIFI_TLS_CA_CERT="" Using openssl, I created the files in servercert and servercerts, but when I try running the controller, I get an error: * unifi.service - unifi Loaded: loaded (/usr/lib/systemd/system/unifi.service; enabled; vendor preset: disabled) Active: failed (Result: exit-code) since Mon 2020-11-23 12:21:19 EST; 6min ago Process: 24600 ExecStart=/usr/lib64/jvm/java-1.8.0-openjdk-1.8.0/jre/bin/java -Xmx1024M -jar /usr/lib/unifi/lib/ace.jar start (code=exited, status=203/EXEC) Process: 24469 ExecStartPre=/usr/lib/unifi/bin/import-cert (code=exited, status=0/SUCCESS) Main PID: 24600 (code=exited, status=203/EXEC) Nov 23 12:21:17 linux import-cert[24469]: 140674435469760:error:2006D080:BIO routines:BIO_new_file:no such file:crypto/bio/bss_file.c:76: Nov 23 12:21:17 linux import-cert[24469]: unable to load private key Nov 23 12:21:19 linux import-cert[24469]: Importing keystore /var/tmp/unifi.p12 to /usr/lib/unifi/data/keystore... Nov 23 12:21:19 linux import-cert[24469]: keytool error: java.io.FileNotFoundException: /var/tmp/unifi.p12 (No such file or directory) Nov 23 12:21:19 linux systemd[1]: Started unifi. Nov 23 12:21:19 linux systemd[24600]: unifi.service: Failed to execute command: No such file or directory Nov 23 12:21:19 linux systemd[24600]: unifi.service: Failed at step EXEC spawning /usr/lib64/jvm/java-1.8.0-openjdk-1.8.0/jre/bin/java: No such file or directory Nov 23 12:21:19 linux systemd[1]: unifi.service: Main process exited, code=exited, status=203/EXEC Nov 23 12:21:19 linux systemd[1]: unifi.service: Unit entered failed state. Nov 23 12:21:19 linux systemd[1]: unifi.service: Failed with result 'exit-code'. It's difficult to figure out what's necessary, when working with something you're not familiar with. tnx jk