I do think that you can’t have one hard-coded certificate and also use Let’s Encrypt auto TLS on the same IP for any domains not specified, as Caddy will only use the certificate from the hard-coded cert?
I don’t know what you mean. You want to use both on-demand, managed certificates together with certificates you provide? That works. Caddy will only get certificates from Let’s Encrypt if it doesn’t already have one for the name provided.
This configuration will only return the certificate provided for the managed certificate. It will not fall through and use Let’s Encrypt certificates for other domains, which work if I remove the managed certificate. Browsing to any other domain gets the managed certificate.
It’s probably because the domains don’t match the pattern * – since the wildcard character is for just a single label of a domain name, so * will match localhost, but not example.com.
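
The single-label wildcard rule described in the last reply, as an added example that is not part of the original thread and is not Caddy's own code. The function name `matchPattern` and the sample hostnames are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// matchPattern (hypothetical helper) reports whether host matches pattern
// when every "*" label in the pattern stands for exactly one DNS label.
// Matching is case-insensitive and ignores a trailing root dot.
func matchPattern(pattern, host string) bool {
	p := strings.Split(strings.ToLower(strings.TrimSuffix(pattern, ".")), ".")
	h := strings.Split(strings.ToLower(strings.TrimSuffix(host, ".")), ".")
	// A wildcard never spans a dot, so the label counts must be equal.
	if len(p) != len(h) {
		return false
	}
	for i := range p {
		if h[i] == "" { // empty label: not a valid hostname
			return false
		}
		if p[i] != "*" && p[i] != h[i] {
			return false
		}
	}
	return true
}

func main() {
	// Constructed sample names, checked against the bare "*" pattern and
	// against a conventional one-level wildcard.
	hosts := []string{"localhost", "example.com", "www.example.com", "a.b.example.com"}
	for _, pattern := range []string{"*", "*.example.com"} {
		for _, host := range hosts {
			fmt.Printf("%-15s vs %-16s -> %v\n", pattern, host, matchPattern(pattern, host))
		}
	}
}
```

Under this rule a bare `*` covers only single-label names such as `localhost`; a name like `example.com` has two labels and needs its own pattern or a `*.com`-style entry to match.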