How to Generate a CSR on Unifi Cloud Key

In this tutorial, we will show you how to generate a CSR on Unifi Cloud Key.

Please, follow the steps below to create your CSR file. Make sure you have SSH access.

Step 1. Back up your existing certificate configuration

Create a copy of /etc/ssl/private directory on your local desktop.

Step 2. Remove the existing certificate configuration

Once you’ve backed up the Cloud Key directory, remove its content:

rm -f /etc/ssl/private/*

Step 3. Create a new private key

Use the OpenSSL toolkit to create a new private key for your certificate. Run the command below:

openssl genrsa -out /etc/ssl/private/cloudkey.key 2048

Step 4. Generate the CSR file

Run the command:

openssl req -new -batch \
-subj "/C=US /ST=Washington/L=Seattle
/O=YourCompmay/OU=IT/CN=unifi.yoursite.com
/emailAddress[email protected]" \
-key /etc/ssl/private/cloudkey.key \
-out /etc/ssl/private/cloudkey.csr

Replace the attributes in bold with your real contact details:

• C – the two-letter country code
• ST – the state where your company is registered
• L – the locality/city where your company is located
• O – the full legal name of your organization
• OU – the name of the organizational unit (department) within your company requesting the SSL certificate
• CN – the Common Name, also known as the FQDN (fully-qualified domain name) you want to secure with an SSL certificate
• emailAddress – provide a valid email address

Your CSR file is ready. You can open it with any text editor of your choice such as Notepad and use it during the digital certificate order process with your SSL vendor.