Hi there Francis, thanks for your quick reply!
See my reply to Matt for more context, but wanted to address this point as well. It’s also possible that if there’s a Caddy API route to append new domains to our server without stopping it, we can use that to handle this in our business logic at “registration” time (i.e. when we process a new domain, we attempt to provision a wildcard record programmatically) rather than “lazily” with On Demand TLS. That might make more sense if these features aren’t intended to be mixed together like this, though I see other forum posts of the same nature linking back to On Demand TLS.