diff --git a/docker-compose.yml b/docker-compose.yml
index 36e1fc56..b6fdd290 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -53,6 +53,7 @@ services:
       # This directory must have cert files if you want to enable SSL
       - ./volumes/web/cert:/cert:ro
       - /etc/localtime:/etc/localtime:ro
+      - ./volumes/web/acme-challenge:/var/www/acme-challenge:ro
     # Uncomment for SSL
     # environment:
     #  - MATTERMOST_ENABLE_SSL=true
diff --git a/web/mattermost b/web/mattermost
index ac301ae4..eaf4c067 100644
--- a/web/mattermost
+++ b/web/mattermost
@@ -36,4 +36,10 @@ server {
         proxy_read_timeout 600s;
         proxy_pass http://{%APP_HOST%}:{%APP_PORT%};
     }
+
+    location /.well-known/acme-challenge/ {
+        default_type "text/plain";
+        root         /var/www/acme-challenge;
+        rewrite /.well-known/acme-challenge/(.*)$ /$1 break;
+    }
 }
diff --git a/web/mattermost-ssl b/web/mattermost-ssl
index 89d48aab..a21d74df 100644
--- a/web/mattermost-ssl
+++ b/web/mattermost-ssl
@@ -1,7 +1,14 @@
 server {
 	listen 80 default_server;
 	server_name _;
+    location / {
 	return 301 https://$host$request_uri;
+    }
+    location /.well-known/acme-challenge/ {
+        default_type "text/plain";
+        root         /var/www/acme-challenge;
+        rewrite /.well-known/acme-challenge/(.*)$ /$1 break;
+    }
 }
 
 map $http_x_forwarded_proto $proxy_x_forwarded_proto {