Apache Configuration for A Container+Subdomain's SSL
Solution 1:
Assuming you are using Apache as a reverse proxy on your host you can redirect requests to the /.well-known/ directory using a directory block:
<Directory "/var/www/html/.well-known/">
Require all granted
Options -Indexes -FollowSymLinks
AllowOverride All
</ Directory>
Your acme-client should then place the challenges in /var/www/html/.well-known/ on your host machine. Certbot can do this automatically, check your host operating system manual on the linked page.
Alternatively if you are open to change to NGINX, I can recommend using docker nginx-proxy with it's acme-companion for Let's Encrypt/ZeroSSL. This combination automatically issues certificates/renewals for your docker-containers.