Had an issue with the Lets Encrypt cert for a UniFi-Video server. When renewing the cert and reimporting it into the UniFi-Video keystore, the certification was showing out of date.
Issue ended up being something with certbot.
When certbot runs it generates a new cert.pem, chain.pem, fullchain.pem and privkey.pem and puts them in the “/etc/letsencrypt/live/unifi.domain.com/” directory.
The privkey.pem and cert.pem are used to create the keys.p12 file which gets imported into the UniFi-Video keystore.
Apparently the .pem files in “/etc/letsencrypt/live/unifi.domain.com/” are symbolic links to files in “/etc/letsencrypt/archive/unifi.domain.com/”
Upon inspection of the archive directory, multiple cert.pem and privkey.pem files were found with the names cert1.pem, cert2.pem, cert3.pem etc. Looking at the creation date of the file revealed the symbolic link was referring to an old “cert1.pem” file.
Work around was to stop the unifi-video service and reimport the cert using the latest .pem files in the archive directory.
Remove or rename the Trusted Store. If you don’t, the cameras will connect, but will not record. The controller will rebuild the ufv-truststore when it starts up and the cameras will be able to record.