SSL Certification Error in self-hosted instance
Hello there! I've setup the self-hosted Appwrite instance using docker in an EC2 instance for the first time and I am getting this error. How can I resolve this? Please help. Thanks!
SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate (_ssl.c:1007)
During handling of the above exception, another exception occurred:
SSLError Traceback (most recent call last)
SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate (_ssl.c:1007)
The above exception was the direct cause of the following exception:
MaxRetryError Traceback (most recent call last)
MaxRetryError: HTTPSConnectionPool(host='65.x.x.xxx', port=443): Max retries exceeded with url: /v1/databases/65029fc22a51f570ac8e/collections/6502a3fe273c4ae263bf/documents (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate (_ssl.c:1007)')))
This error is expected because you don't have a valid certificate.
You're using the web sdk client side?
Thanks a lot @Steven yes I am using python SDK from Colab notebooks to test the server. I will be using python and JS SDK in serverless functions. How can I create a valid certificate? I followed the steps provided in Appwrite docs, but it showed error on the EC2 instance. We have a domain - blozum.com. Do I need to connect a domain with this instance to generate this valid certificate? Can you please guide?
Yes, it’s almost impossible (if you’re not a huge corporation) to get an SSL certificate for an IP address. You’ll need to set up a domain pointed at your Appwrite instance and set that domain in your appwrite/.env file as _APP_DOMAIN, then restart Appwrite (with docker compose up -d. Appwrite should then generate you an SSL certificate.
Understood @ideclon . Will try to do this and ask if I have anymore doubts.
- If I add an 'A' name domain, then it would work, right?
- How can I add this domain? Where should I point this new domain to? (The value of the domain)
Your domain should be pointed at your Appwrite server. Then set _APP_DOMAIN to that domain
Understood. Thanks a lot!
If your issue has been solved, you can mark this post as closed by adding “[SOLVED]” to the beginning of the title
I havent tried this yet. I will try and reopen a ticket if my issue wouldn't have been resolved.
Hello @ideclon @Steven !
I tried the above solution but it is still not working. Please help. I have added an 'A' record in my DNS records (as adding in 'CNAME' was showing "Record data is invalid."). Currently, my Appwrite is hosted on AWS EC2 Public IPv4 address - 65.1.108.139. I've tried changing the appwrite variable names, but it still doesn't work.
Currently, my .env variables are:- _APP_DOMAIN=65.1.108.139 _APP_DOMAIN_TARGET=65.1.108.139
Please help as I don't know what to do next. I updated the DNS records yesterday and have generally seen the DNS records to get updated within a day. I don't know if that might be the issue.
The mentioned .env variables should be set to the domain name you use to access Appwrite
A records point to IPv4 addresses, AAAA records point to IPv6 addresses, CNAME records point to other domain names.
Yes, I have set them appwrite.blozum.com now. Still, it is not working.
Which one should I use? Please help as I don't know a lot about the IP addresses. I have an AWS EC2 server where I've hosted Appwrite, and the domain is for my startup, Blozum.com.
You should have an A record for appwrite.blozum.com pointing at your EC2 instances IP address
Thanks, it's resolved now. 🙂
Great! If your issue has been solved, you can mark this post as closed by adding “[SOLVED]” to the beginning of the title
