Certbot HTTP-01 Challenge Failing on Custom Function Domain in Coolify/Appwrite Setup

Hello everyone,

I’m experiencing an SSL certificate issuance issue while setting up custom domains for Appwrite functions on a Coolify installation. Here are the details: • Setup Environment: I’m running Appwrite on a Coolify deployment. • Main App Domain: The primary Appwrite instance is hosted on api.example.com. • Function Domains Tried: I initially attempted a function domain like a5s6d4.api.example.com, but that didn’t work. Then, I tried using aifn.example.com as the function domain. • DNS Configuration: For aifn.example.com, I set up a CNAME record in Cloudflare pointing to api.example.com (using DNS only). • Certbot Log Excerpt: During the SSL issuance process, certbot fails the HTTP-01 challenge. Here’s a relevant excerpt from the logs:

...
Creating root challenges validation dir at /storage/certificates/.well-known/acme-challenge
Attempting to save validation to /storage/certificates/.well-known/acme-challenge/<token>
...
Challenge failed for domain aifn.example.com
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
  Domain: aifn.example.com
  Type:   unauthorized
  Detail: XX.XX.XX.XX: Invalid response from http://aifn.example.com/.well-known/acme-challenge/<token>: 404

•    Issue:

Despite setting the webroot path to /storage/certificates (where certbot creates the challenge files), the challenge file isn’t accessible via HTTP, resulting in a 404 error.

I’ve researched various solutions and double-checked my configurations, but the challenge files still aren’t reachable. Has anyone encountered a similar issue or have any suggestions on how to resolve it?

Thanks in advance for your help!