Two certs, one wildcard

1. The problem I’m having:

I want SSL for to be handled automatically by Caddy and get a certificate in the default way, but I want everything else (*, to use a manually specified local cert.

Currently, Caddy is ignoring the defined host (, and just using the wildcard certificate from the section directly below it.

If I comment out the wildcard handler altogether, I get what I want, and it pulls a cert for

How can I handle both situations the way I want? Apologies for redacting my post, but this is production facing and the Caddyfile has some other unrelated sites in it that I don’t want exposed.

2. Error messages and/or full log output:

logger=http.auto_https msg=skipping automatic certificate management because one or more matching certificates are already loaded server_name=srv0 

3. Caddy version:


4. How I installed and ran Caddy:

Docker Compose

a. System environment:


c. Service/unit/compose file:

    image: caddy:latest
    restart: unless-stopped
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile
      - ./data:/data
      - ./config:/config
      - ./certs:/certs
      - ./logs:/logs
    ports:
      - 80:80
      - 443:443

d. My complete Caddy config:

	# auto_https ignore_loaded_certs ## this didn't work either...
} { ## this host should get a cert automatically
	reverse_proxy {$HOST}:9002 # Docker Mail Server

* { ## only the wildcard hosts, should use the manually specified wildcard 
	tls /certs/cert.txt /certs/key.txt
	@app1 host
	handle @app1 {
		reverse_proxy {$HOST}:1234 # Etc etc

Any takers?

I can try to take a look at this as soon as my work machine is back online – give it a day or so :)
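The log line quoted in the question says automatic management was skipped because a matching certificate was already loaded. The sketch below is an added example, not part of the thread and not Caddy's code: a simplified model of that match, assuming the usual single-label wildcard rule and using constructed `example.com` hostnames in place of the redacted ones.

```python
# Added illustration, not Caddy source code. Hostnames are constructed
# placeholders; the matching rule is the usual single-label wildcard rule.

def san_matches(san: str, host: str) -> bool:
    """True if a certificate SAN covers host."""
    san = san.lower().rstrip(".")
    host = host.lower().rstrip(".")
    if san == host:
        return True
    if san.startswith("*."):
        # "*.example.com" covers "mail.example.com", but neither the apex
        # "example.com" nor the two-level "a.b.example.com".
        head, sep, tail = host.partition(".")
        return bool(head) and bool(sep) and tail == san[2:]
    return False


def plan_automation(site_hosts, loaded_cert_sans):
    """Map each site host to the loaded SAN that covers it, or None.

    Assumption: a host with a covering loaded certificate is the case the
    log line reports as skipped; a host mapped to None would be left to
    automatic certificate management.
    """
    plan = {}
    for host in site_hosts:
        plan[host] = next(
            (san for san in loaded_cert_sans if san_matches(san, host)), None
        )
    return plan


if __name__ == "__main__":
    loaded = ["*.example.com"]  # constructed: SANs of the manual cert
    sites = ["mail.example.com", "*.example.com", "example.com",
             "a.b.example.com"]
    for host, san in plan_automation(sites, loaded).items():
        state = f"skipped (covered by {san})" if san else "auto-managed"
        print(f"{host:20} {state}")
```

In this model a specific subdomain site is covered by the manually loaded wildcard, which is the situation the question describes.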