(ARCHIVED) UCRM v2 - Setting up SSL Certificate

This article has been archived.

This article is applicable to UCRM v2 and will not be updated further. Thenew version of CRM is now part of the UNMS platform, and help articles for that version can be found under the UNMS section. See this article on how to upgrade from UCRM to UNMS.


To use HTTPS protocol, you must provide UCRM and the UCRM app container with SSL certificate. You can use either custom SSL certificate, or Let’s Encrypt service. This guide will help you to set it up.

Table of Contents

  1. Steps to Set Up the SSL Certificate
  2. Steps to Set Up the Let's Encrypt Certificate
  3. Related Articles

Steps to Set Up the SSL Certificate

Back to Top

  1. First, make sure your Server domain name is set up. Go to System > Settings >Application
  2. Update the UCRM Server port (in System > Settings > Application) to your desired port, typically 443 but you can choose 8443, etc.
  3. Make sure the Server port number set in system settings is the same used in your docker config file in section web_app (see /home/ucrm/docker-compose.yml)
  4. After that, proceed to upload CRT and KEY files using the form in System > Tools > SSL Certificate. These are typical file types for each input:
    • Certificate file: .crt
    • CA bundle file (optional): .ca-bundle
    • Key file: .key

Contents of the certificate files are automatically validated after the upload. If the validation passes, the web server will load new configuration automatically in a moment.

Note that the default HTTPS port is set automatically according to the other ports used by UCRM. If you are using ports 80/81 as UCRM web port / UCRM suspend port, the HTTPS port will be set to 443. If you are using ports 8080/8081 as UCRM web port / UCRM suspend port, the HTTPS port will be set to 8443.

If you need to change this default port for https you can do it manually:

  1. Open your docker-compose.yml file. (Located at /home/ucrm)
  2. Edit the port to desired value
  3. Restart docker using docker-compose restart (as root)

If you don't want to use custom SSL certificate, you can use Let's Encrypt service (this advanced feature is available as of version 2.4.0).

Steps to Set Up the Let's Encrypt Certificate

Back to Top

Available on UCRM v.2.4.0+

  1. The only thing you need to do to get a Let's Encrypt provided certificate is fill in your email address. This address will be used for important account notifications (like certificate expiration).
  2. To do this, go to System > Tools > SSL certificate, fill in your email address in the "Let's Encrypt" box and click "Enable / Update".
  3. UCRM will get a Let's Encrypt certificate for you and the new server configuration will be loaded automatically in a moment.

You can find more information about Let's Encrypt on their website. Please note, that by using Let's Encrypt certificate you agree to the Let's Encrypt Subscriber Agreement.

Related Articles

Back to Top

(ARCHIVED) UCRM v2 - How to Use Ports in UCRM

Was this article helpful?
0 out of 1 found this helpful
Can't find what you're looking for?
Visit our worldwide community of Ubiquiti experts for more answers
Visit the Ubiquiti Community