I am trying to migrate from static certs that I purchase to ACME Let's Encrypt certs.
I have my certs configured in the dynamic file config under tls:certificates:....
Per blogs and YouTube videos, they are all setting foo.tls=true and foo.tls.certresolver=cloudflare in every docker container by labels.
Is there a way that I can just enable that globally vs. needing to change every one of my docker configs? E.g. in static config http:tls:certresolver: cloudflare (did not seem to work).
Can I keep some static TLS certs and some ACME per domain, e.g. if the domain is NOT listed under file dynamic tls:certificates then use ACME?
Thx, config now seems ok, I can mix static and ACME, but I can't get my Cloudflare DNS auth working. For some unknown reason it seems that the ACME challenge TXT record is not being propagated when added using the API, but when I add a TXT by hand it is propagated.
I had to use delay and disable propagation; it seems to me that when using the API to add a TXT, propagation is different than when I add a TXT by hand.
Seems to be working; the only difference I see between file and ACME certs is the primary vs. SANs names. Per the ACME logs, it is filtering the explicit names out and using the wildcard. E.g. main: foo.net, sans: *.foo.net, main: home.foo.net, sans: *.home.foo.net, then home.foo.net does not get a cert, it is mixed in with *.foo.net, which is not always desirable.
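
The setup described in this thread, sketched as an added example (not the poster's actual configuration): a resolver set once on the entry point instead of per-container labels, the DNS challenge with the delay and disabled propagation check, and purchased certs kept in the dynamic file. It assumes Traefik v2 option names; the entry point name, e-mail, and file paths are placeholders, and newer releases may name the propagation settings differently, so check the documentation for your version.

```yaml
# --- static configuration (e.g. traefik.yml) ---
entryPoints:
  websecure:                      # entry point name is an assumption
    address: ":443"
    http:
      tls:
        # Default for every router on this entry point, so containers
        # do not each need a foo.tls.certresolver label.
        certResolver: cloudflare
        domains:                  # names from the thread
          - main: "foo.net"
            sans: ["*.foo.net"]
          - main: "home.foo.net"
            sans: ["*.home.foo.net"]

certificatesResolvers:
  cloudflare:
    acme:
      email: "admin@example.invalid"        # placeholder
      storage: "/letsencrypt/acme.json"     # placeholder; holds private keys, keep it mode 600
      # While debugging, point at the staging CA so failed validations
      # do not count against production rate limits:
      # caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
      dnsChallenge:
        # Token is read from the CF_DNS_API_TOKEN environment variable;
        # scope it to DNS edit on the needed zone only.
        provider: cloudflare
        delayBeforeCheck: 60            # seconds to wait after the TXT record is created
        disablePropagationCheck: true   # skip Traefik's own lookup; the CA still validates
        # Alternative to disabling the check: query public resolvers
        # instead of the local (possibly caching or split-horizon) one.
        # resolvers: ["1.1.1.1:53", "1.0.0.1:53"]

providers:
  docker:
    exposedByDefault: false
  file:
    filename: "/etc/traefik/dynamic.yml"    # placeholder path
---
# --- dynamic configuration (the file provider target above) ---
tls:
  certificates:                   # purchased certs stay here
    - certFile: "/certs/purchased.example.crt"   # placeholder
      keyFile: "/certs/purchased.example.key"    # placeholder
```

With the propagation check disabled, a TXT record that has not reached Cloudflare's authoritative servers within the delay only shows up as a failed validation at the CA, so watch the ACME log lines after changing the delay.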