This is a small snippet to help you debug and make sure Appwrite is able to generate SSL certificates for your domains.
Things to check:
- You're using a public-facing domain pointing to your Appwrite instance.
- Your
_APP_ENV
variable is set forproduction
mode (learn more at: https://appwrite.io/docs/environment-variables). - You have a valid email address set on
_APP_SYSTEM_SECURITY_EMAIL_ADDRESS
(learn more at https://appwrite.io/docs/environment-variables). - Currently, Appwrite is using the acme HTTP-challenge to issue an SSL certificate. This forces us to generate certificates for port 443. At this point, other ports will not work.
If you set your domain after your Appwrite server has started working, you will need to restart the Appwrite container using
docker-compose restart appwrite
. This will force Appwrite to re-issue and check your SSL certificate if needed. We'll work to automate this behavior in future versions.
In case you're still struggling with getting your certificate to work, check the Appwrite certificates worker log. You can do that with the following command:
docker-compose logs appwrite-worker-certificates
You can't issue a valid certificate for localhost. By default, Appwrite will issue a self-signed certificate which is good enough for development.
When using a self-signed certificate, you should enable client.setSelfSigned()
method in your SDK of choice. This will allow your application to connect to your local Appwrite server.