How do I make a route use a wildcard certificate defined elsewhere?

I have the following routes defined in one dynamic config:

rule = "Host(`controller.ide.localdomain`)"
service = "ide-controller"

  certResolver = "ideCertResolver"

    main = "ide.localdomain"
    sans = [ "controller.ide.localdomain", "*.ide.localdomain", "*.preview.ide.localdomain" ]

And these sub-domain routes defined in another dynamic config, which is dynamically added or removed depending on whether or not a "workspace" is running (each workspace has 2 services):

rule = "Host(`robotben-test-project.ide.localdomain`)"
service = "theia-deployment--robotben--test-project"
middlewares = [ "auth-handler" ]

  certResolver = "ideCertResolver"

rule = "Host(`robotben-test-project.preview.ide.localdomain`)"
service = "theia-deployment--robotben--test-project--preview"

  certResolver = "ideCertResolver"

How can I make it so that the sub-domain routes use the wildcard certs defined in the base-level domain route? Right now it is trying to create a new cert for every sub-domain route.