1. The problem I’m having:
Context: I am using the mailcow-dockerized mail server stack behind caddy, which requires its own valid letsencrypt certificates for things like SMTP(S) and IMAPS. It cannot get ACME certifiates using the DNS challenge, only the HTTP challenge which the caddy server will interfere with.
Is there any way to create a wildcard certificate in my caddyfile solely for this purpose (ie: without defining a host and using the tls block inside it), which I can copy over to mailcow every time it gets renewed?
Another item which I can’t seem to find any advice online about is the reusing of the private key during LE certificate renewal - I can’t see it mentioned in the docs, but it would be significantly easier for me if the key was not regenerated. Otherwise, I then need to change TSLA records, etc. as they will be invalid once the key changes.
2. Error messages and/or full log output:
N/A
3. Caddy version:
N/A
4. How I installed and ran Caddy:
a. System environment:
b. Command:
N/A
c. Service/unit/compose file:
N/A
d. My complete Caddy config:
N/A