#Function certificates are all self-signed on production. Is this by design?

I'm currently testing out a selfhosted production instance. As I understood / expected, after reading the documentation, the certs should be automatically generated. The interface also displays the status 'verified' and 'generated'. But Appwrite serves me the TRAEFIK DEFAULT CERT. Using a custom domain for the function will generate a valid cert. My console app also was also provided a valid cert.

1. Is it by design that the [function-hash].[domain] URL's are not supplied with signed certs?
2. In my setup the APP_DOMAIN is already hosted under a subdomain. Could the format [function-hash].api.domain.com cause the issue?

Sorry, we don't generate certs for auto generated domains. You'll need to set that up on traefik using DNS method.

Thanks for clarifying this @timber swallow ! Maybe I missed it, but this doesn't seem to be mentioned in the docs and maybe due to my expectation, the green checks in the interface made me think I did something wrong in setup.