Category: Installation

This solution is summarized from an archived support forum post. This information may have changed. If you notice an error, please let us know in Discord.

Appsmith SSL on a different port


I am trying to host a docker-compose based install of Appsmith on a Digital Ocean droplet that already has ports 80 and 443 occupied. Although Appsmith is working great on port 80 over HTTP, connection to port 8443 over HTTPS is being refused. Upon investigation, I found out that Appsmith is not listening on port 443 and has not provisioned a SSL certificate. I have tried various options of ports, forwarding, custom domains, and X-Forwarded headers but nothing has worked. I need help in properly configuring SSL for Appsmith and making it work with my existing Caddy server as a reverse proxy.


The user was trying to host a Docker Compose based Appsmith installation on a Digital Ocean droplet that already had ports 80 and 443 occupied. They tried many options for port forwarding, custom domains, etc. but were unable to make it work.

They created a brand new Docker Compose based Appsmith installation with ports 8080 and 8443. Appsmith was working on port 80 over HTTP, but the connection was refused on port 8443 over HTTPS. They checked the Nginx configuration files but couldn't find a clear answer. The Appsmith Docker container wasn't listening on port 443.

The solution was to understand that Appsmith dynamically generates the NGINX configuration at container startup. If Appsmith can't provision an SSL certificate, it'll just start with HTTP. They had to set the APPSMITH_CUSTOM_DOMAIN to let Appsmith provision an SSL certificate for that domain. They also had to make ports 80 and 443 available for a few minutes for cert provisioning and then close them again.

For their final goal, they had Caddy on ports 80 and 443 and wanted to use it as a reverse proxy for Appsmith with SSL termination. They created separate domain names for both Appsmith and n8n and added an extra_hosts name to Caddy in the Docker Compose file for n8n. Then, Caddy could resolve the name host.docker.internal to the Docker host, and they changed the Caddyfile to reverse_proxy to http://host.docker.internal:8080.

The solution was summarized in a few paragraphs, including the necessary code examples.