Skip to content
Start building
Back

SSL certificate issue for custom domain and function domain

  • 0
  • Self Hosted
  • Functions
View on Discord
Irvine
28 Mar, 2025, 03:42

Hi Support,

We are implementing horizontal scaling (https://book.appread.io/horizontal-scaling) with shared storage, shared MariaDB, and shared Redis for our self-hosted Appwrite instance (version v1.5.7). We have two instances (primary and secondary) in our horizontal scaling setup, and everything has been running smoothly for months.

We've discovered an issue where when we add a custom domain or function domain through the admin UI, only one instance's Traefik becomes aware of the new SSL certificate. We believe the instance where SSL certificates are refreshed for Traefik is likely the one where the appwrite-worker-certificates service generates the SSL certificate.

When accessing the custom domain, we sometimes get proper HTTPS with SSL and sometimes get HTTPS without a valid SSL certificate, depending on which instance handles the request.

How can we resolve this issue without restarting our primary and secondary instances? Or is restarting both instances the only way to resolve this issue?

Thank you for your assistance.

TL;DR
Developers implementing horizontal scaling with shared storage for Appwrite instances are experiencing an issue where only one instance is aware of new SSL certificates when adding custom domains or function domains. This causes inconsistent HTTPS access. The likely culprit is the `appwrite-worker-certificates` service. Restarting both instances may be necessary to resolve the issue.
Reply

Reply to this thread by joining our Discord

Reply on Discord

Recommended threads

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more