Custom Domain SSL with DNS-01 ACME Challenge

SSL Certificate Provisioning

Boottify automatically provisions SSL certificates for custom domains using the DNS-01 ACME challenge. This method works even when your application is behind a reverse proxy or load balancer.

How DNS-01 Works

1. When you add a custom domain, Boottify creates a TXT record (_acme-challenge.yourdomain.com) in your DNS zone
2. The ACME server (Let's Encrypt) verifies the TXT record
3. A certificate is issued and automatically installed
4. The TXT record is cleaned up after verification

Adding a Custom Domain

1. Go to Apps → Your App → Domains
2. Click Add Domain
3. Enter your domain name (e.g., app.yourdomain.com)
4. Add the displayed CNAME record to your DNS provider
5. Click Verify & Provision SSL

Certificate Renewal

Certificates are automatically renewed 30 days before expiration. The renewal process runs daily via a cron job and requires no manual intervention.

Troubleshooting

• DNS propagation: Allow up to 10 minutes for DNS changes to propagate
• CNAME conflicts: Remove any existing A or AAAA records for the subdomain before adding the CNAME
• Certificate errors: Check the SSL status in your app's Domains tab for detailed error messages