[SOLVED] SSL Certificate Fails for Wildcard Custom Domain on Sites

  • Self Hosted
Bielframos
26 May, 2025, 04:12

Hi Appwrite Team,

I'm having issues generating an SSL certificate for a wildcard custom domain on the Sites service. I created a CNAME record pointing *.sites.appwrite.mydomain.com to mydomain.com, and my deployed site (svelte-starter.sites.appwrite.mydomain.com) works correctly over HTTP.

To validate that DNS challenges are working, I manually ran a DNS-01 challenge using Certbot for the wildcard domain (*.sites.appwrite.mydomain.com) and successfully validated the TXT record manually.

Despite this, SSL generation via Appwrite still fails with the following log output:

appwrite-worker-certificates  | Cannot renew domain (svelte-starter.sites.appwrite.mydomain.com) on attempt no. 5 certificate: Failed to verify domain DNS records.
appwrite-worker-certificates  | [Job] (6833e8f7f17c82.53601748) failed to run.
appwrite-worker-certificates  | [Job] (6833e8f7f17c82.53601748) Failed to verify domain DNS records.
appwrite-worker-certificates  | [Error] Type: Exception
appwrite-worker-certificates  | [Error] Message: Failed to verify domain DNS records.
appwrite-worker-certificates  | [Error] File: /usr/src/code/src/Appwrite/Platform/Workers/Certificates.php
appwrite-worker-certificates  | [Error] Line: 338

Could you help clarify why the DNS challenge validation is failing despite the DNS configuration being accessible and externally verifiable?

Thanks in advance!

TL;DR
Developers experienced trouble generating an SSL certificate for a wildcard custom domain on the Sites service. By correctly setting the variables APP_DOMAIN_TARGET_A, APP_DOMAIN_TARGET_AAAA, and APP_DOMAIN_TARGET_CNAME, recreating the containers, and running a command to generate the certificate, the issue was resolved successfully.
Bielframos
26 May, 2025, 04:45

I read the documentation more carefully and followed the Apex domain settings. I set the variables APP_DOMAIN_TARGET_A and APP_DOMAIN_TARGET_AAAA, and as a precaution I also set APP_DOMAIN_TARGET_CNAME.

I recreated the containers and ran the command to generate the certificate and everything went well.
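
An added example, not part of the original thread and not Appwrite's code: a pre-flight check that compares the records a resolver returns for a custom domain against configured targets, such as the values given to the three variables named in the post above. The rule that one matching record type is enough, the function names, and all sample names and addresses are assumptions made for illustration.

```python
import ipaddress

def _norm_host(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.strip().rstrip(".").lower()

def _norm_ip(value):
    """Canonical text form of an IPv4/IPv6 literal, or None if invalid."""
    try:
        return str(ipaddress.ip_address(value.strip()))
    except ValueError:
        return None

def check_domain(observed, targets):
    """Return (ok, reasons) for a domain's observed records vs. targets.

    observed: {"A": [...], "AAAA": [...], "CNAME": [...]} from a resolver.
    targets:  {"A": str, "AAAA": str, "CNAME": str}; "" or missing = unset.
    Assumption: a single matching record type is enough to verify.
    """
    ok, reasons = False, []
    for rtype in ("CNAME", "A", "AAAA"):
        target = (targets.get(rtype) or "").strip()
        if not target:
            reasons.append(f"{rtype}: target not configured, cannot match")
            continue
        norm = _norm_host if rtype == "CNAME" else _norm_ip
        want = norm(target)
        if want is None:
            reasons.append(f"{rtype}: target {target!r} is not a valid address")
            continue
        seen = {norm(v) for v in observed.get(rtype, [])}
        if want in seen:
            ok = True
            reasons.append(f"{rtype}: matches {want}")
        else:
            found = sorted(x for x in seen if x) or "nothing"
            reasons.append(f"{rtype}: expected {want}, saw {found}")
    return ok, reasons

# Constructed sample data (documentation address ranges, not from the thread).
OBSERVED = {"CNAME": ["mydomain.com."], "A": ["203.0.113.10"], "AAAA": ["2001:DB8::10"]}
UNSET = {"A": "", "AAAA": "", "CNAME": ""}
CONFIGURED = {"A": "203.0.113.10", "AAAA": "2001:db8:0:0:0:0:0:10", "CNAME": "mydomain.com"}

if __name__ == "__main__":
    for label, targets in (("unset", UNSET), ("configured", CONFIGURED)):
        print(label, "->", check_domain(OBSERVED, targets))
```

With every target unset the check fails regardless of how correct the public DNS records are, which is the situation the post describes before the variables were set.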
