A CSR (Certificate Signing Request) is a block of code that is submitted during the SSL activation in your Namecheap account. It contains encrypted information about your company/business and domain name
Default process of the CSR generation on UniFi controller software is quite simple; it can be done with a few standard commands:
IMPORTANT: Ensure you start the application with administrator rights on Windows/have root or sudo user access on Linux/MacOS.
To run the application as administrator on Windows, you can right-click the program icon and choose Run as administrator option or do it this way:
Properties > Compatibility > mark the Run this program as as an administrator > OK.
To enable sudo access on Linux-based systems, run:
sudo su -
cd *Unifi base folder*
The *Unifi base folder* needs to be replaced with the following:
You can also use: “C:\Users\*account username*\Ubiquiti UniFi”
java -jar lib/ace.jar new_cert example.com “Company name” “Locality” “State” CC
HELPFUL TIP: If any of the values contains more than one word, put them in quotes. Otherwise, UniFi will consider a second word to be a value of the next field (it will show no errors).
IMPORTANT: When creating a wildcard CSR on UniFi (with a domain name like *.example.com), UniFi puts the domain name (subdomain) specified in the host value to an Organization unit field. This may cause issues during activation as “*” is not considered an alphanumeric symbol.
The CSR file with a name unifi_certificate.csr.pem will be created in the data subfolder of the UniFi base folder.
NOTE: On Debian-based Linux distributions, all related files are also duplicated in /var/lib/unifi folder.
IMPORTANT: The private key for the certificate will be saved in the default UniFi keystore in the file /data/keystore/ (or simply keystore, depending on the system).
Use the text code from the file during the certificate activation.