If anyone is still having trouble with this, I just figured out how to do it using an existing Windows certificate. In my case, we have our own internal Certification Authority, but it will work just the same with a certificate issued by GoDaddy or anyone else.<\/p>\n
I’m assuming you already know how to export the certificate using the Certificates MMC snap-in, and that the keytool executable from your installed java package is in the path.<\/p>\n
1)\u00a0\u00a0\u00a0\u00a0\u00a0 Export PFX certificate with private key and the option \u201cInclude all certificates in the certification path if possible\u201d, using password “aircontrolenterprise” (this is important!)<\/p>\n
2) \u00a0 \u00a0 \u00a0Open a Command Prompt and go to the directory Unifi was installed to then the data directory (example: C:\\Users\\administrator\\Ubiquiti Unifi\\data)<\/p>\n
3)\u00a0\u00a0\u00a0\u00a0\u00a0 Find the alias of your exported certificate by using (use the password from step 1):<\/p>\n
keytool -list -keystore c:\\path\\to\\pfx.pfx -storetype pkcs12<\/p>\n
It will list the certificate starting with its alias, for example:<\/p>\n
Keystore type: PKCS12<\/p>\n
Keystore provider: SunJSSE<\/p>\n
Your keystore contains 1 entry<\/p>\n
le-webserver2003-8f6daf5b-8c89-405f-b3bb-045c58656
Certificate fingerprint (MD5): AB:3F:79:FD:F5:1E:B3:69:78:8C:1C:AC:41:B3:29:6B<\/p>\n
\u00a0The certificate alias in this case is le-webserver2003-8f6daf5b-8c89-405f-b3bb-045c58656
4)\u00a0\u00a0\u00a0\u00a0\u00a0 Rename the existing file called \u201ckeystore\u201d to keystore.orig.<\/p>\n
5)\u00a0\u00a0\u00a0\u00a0\u00a0 Run the following command:<\/p>\n
keytool -importkeystore -srcstoretype pkcs12 -srcalias\u00a0src-alias<\/strong>\u00a0-srckeystore\u00a0c:\\path\\to\\pfx.pfx<\/strong>\u00a0-keystore keystore -destalias unifi<\/p>\n Use the same password from step 1.<\/p>\n 6) \u00a0 \u00a0 Start the UniFi server.<\/p>\n