Install Let's Encrypt on Unifi Cloud Key Gen 2

SSH into the Cloud Key

Open Firewall Ports 80 and 443 in USG

Individually Run:

sudo apt-get update

sudo apt-get install git

sudo apt-get install nano

git clone


service nginx stop

letsencrypt/letsencrypt-auto certonly --text --standalone --standalone-supported-challenges tls-sni-01 --domain --email --agree-tos --renew-by-default

service unifi stop

rm /usr/lib/unifi/data/keystore

nano /etc/default/unifi

Delete line UNIFI_SSL_KEYSTORE=/etc/ssl/private/unifi.keystore.jks and save the file

sudo openssl pkcs12 -export -inkey /etc/letsencrypt/live/ -in /etc/letsencrypt/live/ -out /home/cert.p12 -name ubnt -password pass:temppass

sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /usr/lib/unifi/data/keystore -srckeystore /home/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias ubnt -noprompt

service nginx start

service unifi start

sudo rm /home/cert.p12