Support Downloads Community

UniFi Video is an obsolete product line.

This application and its related devices will no longer receive any manner of technical support, including functional and security updates. Additionally, there will be no further updates to Help Center content pertaining to UniFi Video.

UniFi - SSL Certificate Error


This article explains what to do if a SSL Certificate Error is shown upon attempting to open the UniFi Network application.

Table of Contents

  1. What does this error look like?
  2. Cause: Missing a Valid SSL Certificate
  3. Cause: Adopting UniFi for the First Time
  4. Related Articles

 What does this error look like?

Back to Top

User Tip:Sometimes it's impossible to click past the certificate error. Users have reported that in those cases they have gotten past the error by typing thisisunsafe and hitting Enter/Return on the error page on Chrome browser.

Missing a Valid SSL Certificate

Back to Top

UniFi relies on HTTPS for extra security. This means that the browser will check for valid certificates when making a secure connection to the web server. Although the alert message may prove annoying, there's no risk to the connecting user. To avoid this error you must:
  1. Buy a signed SSL certificate from any web hosting provider (or if you decide to generate one, see a few notes on that below).
  2. Then make the following changes to UniFi Network:
    sudo su -
    # cd <unifi_base> 
    # on Windows, "%USERPROFILE%/Ubiquiti Unifi"
    cd /usr/lib/unifi 
    # create new certificate (with csr)
    java -jar lib/ace.jar new_cert <hostname> <company> <city> <state> <country>
    #  Enter your password if prompted and then it will create your CSR in /var/lib/unifi
    # - unifi_certificate.csr.der
    # - unifi_certificate.csr.pem
    # have this CSR signed by a CA, you'll get a few certificates back...
    # copy the signed certificate(s) to <unifi_base>
    # import the signed certificate and other intermediate certificates
    java -jar lib/ace.jar import_cert <signed_cert> [<other_intermediate_root_certs>...]
  1. Following notes for X509Subject Alternative Name:
    • If you're using Windows to generate the certificate, make sure the alternative name is set as DNS within the certificate's properties window, and fill out the value.
    • If you're on Ubuntu / Debian and using openssl to generate a certificate, make sure to use the SAN extensions or you will be promoted that the cert is invalid. Which is indication for the mission X509 Subject Alternative Name. See external documentation about Subject Alternative Name here.
  2. Once you have created the CSR it can be found in the %USERPROFILE%\Ubiquiti UniFi\data folder. On Mac find it here: /Users/username/Library/Applic ation\ Support/UniFi/data. Not sure where to find <unifi_base>? See this article.


If the error "Unable to import certificate into keystore" appears when importing the signed certificate & intermediate certs, try the following steps:

1. Edit the certificate file using a text editor and remove any blank spaces and line breaks after each line of the cert. The cert should be one single line.

2. Save changes re-import the certificate.

Adopting UniFi for the First Time

Back to Top

This error should not be confused with the one seen when adopting a Cloud Key for the first time. This error can be safely ignored by:

1. Click Advanced

2. Click Proceed to <your IP>

Verify if this is your case by seeing our UniFi - How to Setup your Cloud Key and UniFi Access Point (for beginners) article (in step 3.5 of the section 3. Configuring your Cloud Key & Access Point). 

 Related Articles

Back to Top

UniFi - How to Setup your Cloud Key and UniFi Access Point (for beginners)

Was this article helpful?
59 out of 302 found this helpful