Remember that Caddy cannot enable automatic HTTPS for sites that have a wildcard in the hostname:
Caddy automatically enables HTTPS for all your sites, given that some reasonable criteria are met:
The host is not empty, not localhost, not a wildcard, and not an IP address
When you run Caddy, you will see in both the logs and the stdout that it is serving the wildcard names on the default port of 2015, because automatic HTTPS is not enabled. (Let’s Encrypt does not yet issue wildcard certificates. When it does, this will be a different story – but even then you’ll have to enable the DNS challenge.)
So for the wildcard hosts, you’ll have to do the HTTPS configuration more traditionally like other web servers:
https://*.firstdomain.tld, https://*.seconddomain.tld {
    tls ... # give your wildcard cert and key here
    redir https://firstdomain.tld/
}
http://*.firstdomain.tld, http://*.seconddomain.tld {
    redir https://firstdomain.tld/
}
Edit: Actually, you can still use automatic HTTPS for wildcard hosts, but you have to use on-demand TLS. This is documented on the automatic HTTPS page I linked to above.
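The on-demand variant mentioned in the edit, as an added example that is not part of the original post: it reuses the answer's domain names and assumes Caddy v1 syntax (the port-2015 era), where setting max_certs in the tls directive is what turns on-demand TLS on.

```caddyfile
# Added example, Caddy v1 syntax assumed. With on-demand TLS, Caddy obtains a
# certificate for a hostname the first time a client presents it in the TLS
# handshake, so the wildcard site labels no longer block automatic HTTPS.
https://*.firstdomain.tld, https://*.seconddomain.tld {
    tls {
        # Hard cap on how many certificates Caddy will obtain on demand.
        # Keep it small: without a cap, any SNI name matching the wildcard
        # could trigger an issuance and exhaust the CA's rate limits.
        max_certs 10
    }
    redir https://firstdomain.tld/
}
http://*.firstdomain.tld, http://*.seconddomain.tld {
    redir https://firstdomain.tld/
}
```

Because issuance happens on the first handshake, watch the logs for unexpected hostnames hitting the cap; that is the signal that the wildcard is being probed rather than used.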