Skip to content
Back

Certbot HTTP-01 Challenge Failing on Custom Function Domain in Coolify/Appwrite Setup

  • 0
  • Self Hosted
  • Functions
psirograpth
18 Mar, 2025, 23:29

Hello everyone,

I’m experiencing an SSL certificate issuance issue while setting up custom domains for Appwrite functions on a Coolify installation. Here are the details: • Setup Environment: I’m running Appwrite on a Coolify deployment. • Main App Domain: The primary Appwrite instance is hosted on api.example.com. • Function Domains Tried: I initially attempted a function domain like a5s6d4.api.example.com, but that didn’t work. Then, I tried using aifn.example.com as the function domain. • DNS Configuration: For aifn.example.com, I set up a CNAME record in Cloudflare pointing to api.example.com (using DNS only). • Certbot Log Excerpt: During the SSL issuance process, certbot fails the HTTP-01 challenge. Here’s a relevant excerpt from the logs:

TypeScript
...
Creating root challenges validation dir at /storage/certificates/.well-known/acme-challenge
Attempting to save validation to /storage/certificates/.well-known/acme-challenge/<token>
...
Challenge failed for domain aifn.example.com
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
  Domain: aifn.example.com
  Type:   unauthorized
  Detail: XX.XX.XX.XX: Invalid response from http://aifn.example.com/.well-known/acme-challenge/<token>: 404
TypeScript
Issue:

Despite setting the webroot path to /storage/certificates (where certbot creates the challenge files), the challenge file isn’t accessible via HTTP, resulting in a 404 error.

I’ve researched various solutions and double-checked my configurations, but the challenge files still aren’t reachable. Has anyone encountered a similar issue or have any suggestions on how to resolve it?

Thanks in advance for your help!

TL;DR
Issue: SSL cert issuance fails due to HTTP-01 challenge not working on custom function domain in Coolify/Appwrite setup. Challenge files aren't accessible via HTTP causing a 404 error. Solution: Check webroot path configurations for certbot, ensure challenge files are reachable. Check DNS and Cloudflare setup for domain pointing.
Reply

Reply to this thread by joining our Discord

Reply on Discord

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more