diff --git a/root/etc/s6-overlay/s6-rc.d/init-unifi-network-application-config/run b/root/etc/s6-overlay/s6-rc.d/init-unifi-network-application-config/run
index fd28c3c..bc0177b 100755
--- a/root/etc/s6-overlay/s6-rc.d/init-unifi-network-application-config/run
+++ b/root/etc/s6-overlay/s6-rc.d/init-unifi-network-application-config/run
@@ -64,11 +64,20 @@ if [[ ! -e /config/data/system.properties ]]; then
     fi
 fi
 
-# generate key
+# configure keystore
 if [[ ! -f /config/data/keystore ]]; then
-    keytool -genkey -keyalg RSA -alias unifi -keystore /config/data/keystore \
-    -storepass aircontrolenterprise -keypass aircontrolenterprise -validity 3650 \
-    -keysize 4096 -dname "cn=unifi" -ext san=dns:unifi
+    if [[ -f /certs/keystore.jks ]]; then
+        echo "*** DETECTED certificate, adding to keystore, not generating unique ***"
+
+        keytool -importkeystore -srckeystore /certs/keystore.jks -srcstoretype JKS -srcstorepass aircontrolenterprise -destkeystore /config/data/keystore -deststoretype PKCS12 -storepass aircontrolenterprise
+
+        echo "*** Certificate inserted ***"
+    else
+        # generate key
+        keytool -genkey -keyalg RSA -alias unifi -keystore /config/data/keystore \
+        -storepass aircontrolenterprise -keypass aircontrolenterprise -validity 3650 \
+        -keysize 4096 -dname "cn=unifi" -ext san=dns:unifi
+    fi 
 fi
 
 # permissions