I used this configuration and it was accepted by Caddy, but the proxification did not work out of the box. Before jumping into debugging I just wanted to make sure that it is technically (from a TLS perspective) possible.
The certificate has to be valid and trusted, etc, etc. Otherwise it should “just work.” There might be a problem with the TLS connection. The logs should tell you more (use the errors directive).
Thank you. With this I dived into the configuration etc. and finally realized that I mistyped a Docker port redirection. I wanted to avoid hitting some “protocol wall” without fully understanding the reasons, and your reply cleared this concern up.
I will have to read a bit about what such forwarding means. It seems that this is a termination (on the endpoint), and then creation of a new TLS connection (to the backend) - with the intermediate part being in clear text. It does not matter at all for this home connection though.