Setting up HTTPS with Let's Encrypt on Traefik and getting errors

i have registered mycustomdomain.com

I have a pfsense router using DDNS with cloudflare to sync my ip to mycustomdomain.com

I have A records on cloudflare pointing

mycustomdomain.com to my home IP

whoami.mycustomdomain.com to my home IP

Port 80 is forwarded to my server @ 192.168.0.10 that is running all my docker containers

i was able to use certbot through port 80 previously to get a LE certificate so i know port 80 and 443 are not blocked

i plan on running a bunch of docker containers that i can access inside and outside my network using unique domain names such as

emby.mycustomdomain.com

aisonic.mycustomdomain.com

etc...

I am trying to set up Traefik to use HTTPS with Let's Encrypt using the DNS challenge, so I can get a wildcard certificate for *.mycustomdomain.com covering all the services I want to run

Here is my sanitized docker compose file, which I basically copied from here

https://docs.traefik.io/user-guides/docker-compose/acme-dns/

# Compose file for a Traefik v2.1 reverse proxy plus a "whoami" test service.
# Traefik requests certificates from Let's Encrypt through a Cloudflare DNS-01
# challenge, using the certificate resolver named "myresolver".
version: "3.3"

services:

  traefik:
    image: "traefik:v2.1"
    container_name: "traefik"
    command:
      # DEBUG logging prints the full static and dynamic configuration at
      # startup; lower the level once the setup works.
      - "--log.level=DEBUG"
      # Traefik will listen on port 8080 by default for API request.
      # NOTE(review): insecure mode serves the API and dashboard on :8080 with
      # no authentication, and 8080 is published under "ports" below, so every
      # host that can reach this server can read the routing configuration.
      # Keep it off untrusted networks, or drop the published port and expose
      # api@internal through a router protected by an auth middleware.
      - "--api.insecure=true"
      # Enabling docker provider
      - "--providers.docker=true"
      # Do not expose containers unless explicitly told so
      - "--providers.docker.exposedbydefault=false"
      # Traefik will listen to incoming request on the port 80 (HTTP)
      - "--entrypoints.web.address=:80"
      # Second entry point, "websecure", on port 443 (HTTPS)
      - "--entrypoints.websecure.address=:443"
      # Enable a dns challenge named "myresolver"
      - "--certificatesresolvers.myresolver.acme.dnschallenge=true"
      # Tell which provider to use
      - "--certificatesresolvers.myresolver.acme.dnschallenge.provider=cloudflare"
      # Choose acme-staging to test things... remove this when ready for the real thing
      # Staging certificates chain to a test root that browsers and other
      # clients do not trust, so TLS clients warn on or reject them for as long
      # as this line is present.
      - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
      # The email to provide to let's encrypt
      - "--certificatesresolvers.myresolver.acme.email=mycustomemail@gmail.com"
      # Tell to store the certificate on a path under our volume
      # acme.json holds the ACME account key and the certificates' private
      # keys; keep it readable by its owner only (mode 600).
      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
    labels:
      - "traefik.enable=true"
      # NOTE(review): no service or port label is set for this router, so it
      # targets the container's own port 80 (the startup log shows
      # traefik-docker-compose -> http://172.18.0.3:80). That is presumably
      # Traefik's own "web" entry point rather than the dashboard - confirm.
      # The router is also plain HTTP: it has no tls option.
      - "traefik.http.routers.traefik.rule=Host(`traefik.mycustomdomain.com`)"
      - "traefik.http.routers.traefik.entrypoints=web"
    ports:
      - "80:80"
      - "443:443"
      # Publishes the unauthenticated API/dashboard port on the host.
      - "8080:8080"
    environment:
      # Credentials for the Cloudflare DNS challenge provider.
      # NOTE(review): a Global API Key grants full access to the Cloudflare
      # account and sits here in plain text (readable in this file and through
      # `docker inspect`). Prefer an API token scoped to DNS edits on this one
      # zone (CF_DNS_API_TOKEN, if the bundled lego version supports it -
      # confirm), loaded from an env file or secret that is never committed
      # or posted.
      - "CF_API_EMAIL=mycustomemail@gmail.com"
      - "CF_API_KEY=CloudFlare GLOBAL API KEY"
    volumes:
      # NOTE(review): ":ro" only makes the socket file mount read-only; the
      # Docker API behind it remains fully usable, and access to that API is
      # equivalent to root on the host. Consider putting a filtering socket
      # proxy between Traefik and the Docker daemon.
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      #- /media/username/nfsset/containers/traefik/traefik.toml:/etc/traefik/traefik.toml
      # Host directory that backs /letsencrypt/acme.json.
      # NOTE(review): the path looks like an NFS mount; confirm that file
      # ownership and restrictive permissions are preserved there.
      - "/media/username/nfsset/containers/traefik/letsencrypt:/letsencrypt"
      
  whoami:
    image: "containous/whoami"
    container_name: "simple-service"
    labels:
      # Explicitly tell Traefik to expose this container
      - "traefik.enable=true"
      # The domain the service will respond to
      - "traefik.http.routers.whoami.rule=Host(`whoami.mycustomdomain.com`)"
      # Allow request only from the predefined entry point named "web"
      #- "traefik.http.routers.whoami.entrypoints=web"
      # Traefik will listen to incoming request on the port 443 (https)
      - "traefik.http.routers.whoami.entrypoints=websecure"
      # Uses the Host rule to define which certificate to issue
      # NOTE(review): with only certresolver set, the certificate is requested
      # for the Host rule name (the log shows whoami.mycustomdomain.com), not
      # for a wildcard. A wildcard needs the router's tls.domains main/sans
      # options set explicitly.
      - "traefik.http.routers.whoami.tls.certresolver=myresolver"
      

#https://docs.traefik.io/user-guides/docker-compose/basic-example/

THIS IS MY ERROR

time="2020-03-13T04:23:28Z" level=info msg="Configuration loaded from flags."
time="2020-03-13T04:23:28Z" level=info msg="Traefik version 2.1.6 built on 2020-02-28T17:40:18Z"
time="2020-03-13T04:23:28Z" level=debug msg="Static configuration loaded {\"global\":{\"checkNewVersion\":true},\"serversTransport\":{\"maxIdleConnsPerHost\":200},\"entryPoints\":{\"traefik\":{\"address\":\":8080\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{}},\"web\":{\"address\":\":80\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{}},\"websecure\":{\"address\":\":443\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{}}},\"providers\":{\"providersThrottleDuration\":2000000000,\"docker\":{\"watch\":true,\"endpoint\":\"unix:///var/run/docker.sock\",\"defaultRule\":\"Host(`{{ normalize .Name }}`)\",\"swarmModeRefreshSeconds\":15000000000}},\"api\":{\"insecure\":true,\"dashboard\":true},\"log\":{\"level\":\"DEBUG\",\"format\":\"common\"},\"certificatesResolvers\":{\"myresolver\":{\"acme\":{\"email\":\"mycustomemail@gmail.com\",\"caServer\":\"https://acme-staging-v02.api.letsencrypt.org/directory\",\"storage\":\"/letsencrypt/acme.json\",\"keyType\":\"RSA4096\",\"dnsChallenge\":{\"provider\":\"cloudflare\"}}}}}"
time="2020-03-13T04:23:28Z" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://docs.traefik.io/contributing/data-collection/\n"
time="2020-03-13T04:23:28Z" level=info msg="Starting provider aggregator.ProviderAggregator {}"
time="2020-03-13T04:23:28Z" level=debug msg="Start TCP Server" entryPointName=websecure
time="2020-03-13T04:23:28Z" level=debug msg="Start TCP Server" entryPointName=traefik
time="2020-03-13T04:23:28Z" level=debug msg="Start TCP Server" entryPointName=web
time="2020-03-13T04:23:28Z" level=info msg="Starting provider *acme.Provider {\"email\":\"mycustomemail@gmail.com\",\"caServer\":\"https://acme-staging-v02.api.letsencrypt.org/directory\",\"storage\":\"/letsencrypt/acme.json\",\"keyType\":\"RSA4096\",\"dnsChallenge\":{\"provider\":\"cloudflare\"},\"ResolverName\":\"myresolver\",\"store\":{},\"ChallengeStore\":{}}"
time="2020-03-13T04:23:28Z" level=info msg="Testing certificate renew..." providerName=myresolver.acme
time="2020-03-13T04:23:28Z" level=info msg="Starting provider *docker.Provider {\"watch\":true,\"endpoint\":\"unix:///var/run/docker.sock\",\"defaultRule\":\"Host(`{{ normalize .Name }}`)\",\"swarmModeRefreshSeconds\":15000000000}"
time="2020-03-13T04:23:28Z" level=info msg="Starting provider *traefik.Provider {}"
time="2020-03-13T04:23:28Z" level=debug msg="Configuration received from provider myresolver.acme: {\"http\":{},\"tls\":{}}" providerName=myresolver.acme
time="2020-03-13T04:23:28Z" level=debug msg="Configuration received from provider internal: {\"http\":{\"routers\":{\"api\":{\"entryPoints\":[\"traefik\"],\"service\":\"api@internal\",\"rule\":\"PathPrefix(`/api`)\",\"priority\":2147483646},\"dashboard\":{\"entryPoints\":[\"traefik\"],\"middlewares\":[\"dashboard_redirect@internal\",\"dashboard_stripprefix@internal\"],\"service\":\"dashboard@internal\",\"rule\":\"PathPrefix(`/`)\",\"priority\":2147483645}},\"middlewares\":{\"dashboard_redirect\":{\"redirectRegex\":{\"regex\":\"^(http:\\\\/\\\\/[^:\\\\/]+(:\\\\d+)?)\\\\/$\",\"replacement\":\"${1}/dashboard/\",\"permanent\":true}},\"dashboard_stripprefix\":{\"stripPrefix\":{\"prefixes\":[\"/dashboard/\",\"/dashboard\"]}}},\"services\":{\"api\":{},\"dashboard\":{}}},\"tcp\":{},\"tls\":{}}" providerName=internal
time="2020-03-13T04:23:28Z" level=debug msg="No default certificate, generating one"
time="2020-03-13T04:23:28Z" level=debug msg="Provider connection established with docker 19.03.8 (API 1.40)" providerName=docker
time="2020-03-13T04:23:28Z" level=debug msg="Filtering disabled container" providerName=docker container=emby-680cea55b9c188d1b91f2f433eb126927299947c5cebd8bb4c0eb23dee7a3cd4
time="2020-03-13T04:23:28Z" level=debug msg="Filtering disabled container" providerName=docker container=airsonic-5099843f9c175a4e92ef7affff33925f2bc111e5f00adaf0b69fc5856f57f25d
time="2020-03-13T04:23:28Z" level=debug msg="Configuration received from provider docker: {\"http\":{\"routers\":{\"traefik\":{\"entryPoints\":[\"web\"],\"service\":\"traefik-docker-compose\",\"rule\":\"Host(`traefik.mycustomdomain.com`)\"},\"whoami\":{\"entryPoints\":[\"websecure\"],\"service\":\"whoami-docker-compose\",\"rule\":\"Host(`whoami.mycustomdomain.com`)\",\"tls\":{\"certResolver\":\"myresolver\"}}},\"services\":{\"traefik-docker-compose\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.18.0.3:80\"}],\"passHostHeader\":true}},\"whoami-docker-compose\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.18.0.2:80\"}],\"passHostHeader\":true}}}},\"tcp\":{}}" providerName=docker
time="2020-03-13T04:23:28Z" level=debug msg="Added outgoing tracing middleware api@internal" entryPointName=traefik routerName=api@internal middlewareName=tracing middlewareType=TracingForwarder
time="2020-03-13T04:23:28Z" level=debug msg="Added outgoing tracing middleware dashboard@internal" middlewareName=tracing middlewareType=TracingForwarder entryPointName=traefik routerName=dashboard@internal
time="2020-03-13T04:23:28Z" level=debug msg="Creating middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_stripprefix@internal middlewareType=StripPrefix
time="2020-03-13T04:23:28Z" level=debug msg="Adding tracing to middleware" routerName=dashboard@internal entryPointName=traefik middlewareName=dashboard_stripprefix@internal
time="2020-03-13T04:23:28Z" level=debug msg="Creating middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex
time="2020-03-13T04:23:28Z" level=debug msg="Setting up redirection from ^(http:\\/\\/[^:\\/]+(:\\d+)?)\\/$ to ${1}/dashboard/" routerName=dashboard@internal middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex entryPointName=traefik
time="2020-03-13T04:23:28Z" level=debug msg="Adding tracing to middleware" middlewareName=dashboard_redirect@internal entryPointName=traefik routerName=dashboard@internal
time="2020-03-13T04:23:28Z" level=debug msg="Creating middleware" middlewareName=traefik-internal-recovery middlewareType=Recovery entryPointName=traefik
time="2020-03-13T04:23:28Z" level=debug msg="No default certificate, generating one"
time="2020-03-13T04:23:29Z" level=debug msg="Creating middleware" middlewareType=Pipelining routerName=traefik@docker serviceName=traefik-docker-compose entryPointName=web middlewareName=pipelining
time="2020-03-13T04:23:29Z" level=debug msg="Creating load-balancer" entryPointName=web routerName=traefik@docker serviceName=traefik-docker-compose
time="2020-03-13T04:23:29Z" level=debug msg="Creating server 0 http://172.18.0.3:80" serviceName=traefik-docker-compose serverName=0 entryPointName=web routerName=traefik@docker
time="2020-03-13T04:23:29Z" level=debug msg="Added outgoing tracing middleware traefik-docker-compose" entryPointName=web routerName=traefik@docker middlewareName=tracing middlewareType=TracingForwarder
time="2020-03-13T04:23:29Z" level=debug msg="Creating middleware" entryPointName=web middlewareName=traefik-internal-recovery middlewareType=Recovery
time="2020-03-13T04:23:29Z" level=debug msg="Added outgoing tracing middleware api@internal" entryPointName=traefik routerName=api@internal middlewareName=tracing middlewareType=TracingForwarder
time="2020-03-13T04:23:29Z" level=debug msg="Added outgoing tracing middleware dashboard@internal" entryPointName=traefik routerName=dashboard@internal middlewareName=tracing middlewareType=TracingForwarder
time="2020-03-13T04:23:29Z" level=debug msg="Creating middleware" routerName=dashboard@internal entryPointName=traefik middlewareName=dashboard_stripprefix@internal middlewareType=StripPrefix
time="2020-03-13T04:23:29Z" level=debug msg="Adding tracing to middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_stripprefix@internal
time="2020-03-13T04:23:29Z" level=debug msg="Creating middleware" routerName=dashboard@internal middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex entryPointName=traefik
time="2020-03-13T04:23:29Z" level=debug msg="Setting up redirection from ^(http:\\/\\/[^:\\/]+(:\\d+)?)\\/$ to ${1}/dashboard/" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex
time="2020-03-13T04:23:29Z" level=debug msg="Adding tracing to middleware" middlewareName=dashboard_redirect@internal entryPointName=traefik routerName=dashboard@internal
time="2020-03-13T04:23:29Z" level=debug msg="Creating middleware" entryPointName=traefik middlewareName=traefik-internal-recovery middlewareType=Recovery
time="2020-03-13T04:23:29Z" level=debug msg="Creating middleware" serviceName=whoami-docker-compose middlewareType=Pipelining middlewareName=pipelining entryPointName=websecure routerName=whoami@docker
time="2020-03-13T04:23:29Z" level=debug msg="Creating load-balancer" entryPointName=websecure routerName=whoami@docker serviceName=whoami-docker-compose
time="2020-03-13T04:23:29Z" level=debug msg="Creating server 0 http://172.18.0.2:80" serviceName=whoami-docker-compose serverName=0 entryPointName=websecure routerName=whoami@docker
time="2020-03-13T04:23:29Z" level=debug msg="Added outgoing tracing middleware whoami-docker-compose" routerName=whoami@docker entryPointName=websecure middlewareName=tracing middlewareType=TracingForwarder
time="2020-03-13T04:23:29Z" level=debug msg="Creating middleware" middlewareType=Recovery entryPointName=websecure middlewareName=traefik-internal-recovery
time="2020-03-13T04:23:29Z" level=debug msg="No default certificate, generating one"
time="2020-03-13T04:23:30Z" level=debug msg="Try to challenge certificate for domain [whoami.mycustomdomain.com] found in HostSNI rule" routerName=whoami@docker rule="Host(`whoami.mycustomdomain.com`)" providerName=myresolver.acme
time="2020-03-13T04:23:30Z" level=debug msg="Looking for provided certificate(s) to validate [\"whoami.mycustomdomain.com\"]..." rule="Host(`whoami.mycustomdomain.com`)" providerName=myresolver.acme routerName=whoami@docker
time="2020-03-13T04:23:30Z" level=debug msg="Domains [\"whoami.mycustomdomain.com\"] need ACME certificates generation for domains \"whoami.mycustomdomain.com\"." providerName=myresolver.acme routerName=whoami@docker rule="Host(`whoami.mycustomdomain.com`)"
time="2020-03-13T04:23:30Z" level=debug msg="Loading ACME certificates [whoami.mycustomdomain.com]..." routerName=whoami@docker rule="Host(`whoami.mycustomdomain.com`)" providerName=myresolver.acme
time="2020-03-13T04:23:30Z" level=debug msg="Serving default certificate for request: \"server.home.mycustomdomain.com\""
time="2020-03-13T04:23:30Z" level=debug msg="http: TLS handshake error from 192.168.0.101:51690: remote error: tls: unknown certificate"
time="2020-03-13T04:23:33Z" level=debug msg="Building ACME client..." providerName=myresolver.acme
time="2020-03-13T04:23:33Z" level=debug msg="https://acme-staging-v02.api.letsencrypt.org/directory" providerName=myresolver.acme
time="2020-03-13T04:23:33Z" level=info msg=Register... providerName=myresolver.acme
time="2020-03-13T04:23:33Z" level=debug msg="legolog: [INFO] acme: Registering account for mycustomemail@gmail.com"
time="2020-03-13T04:23:34Z" level=debug msg="Using DNS Challenge provider: cloudflare" providerName=myresolver.acme
time="2020-03-13T04:23:34Z" level=debug msg="legolog: [INFO] [whoami.mycustomdomain.com] acme: Obtaining bundled SAN certificate"
time="2020-03-13T04:23:34Z" level=debug msg="legolog: [INFO] [whoami.mycustomdomain.com] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/43491726"
time="2020-03-13T04:23:34Z" level=debug msg="legolog: [INFO] [whoami.mycustomdomain.com] acme: Could not find solver for: tls-alpn-01"
time="2020-03-13T04:23:34Z" level=debug msg="legolog: [INFO] [whoami.mycustomdomain.com] acme: Could not find solver for: http-01"
time="2020-03-13T04:23:34Z" level=debug msg="legolog: [INFO] [whoami.mycustomdomain.com] acme: use dns-01 solver"
time="2020-03-13T04:23:34Z" level=debug msg="legolog: [INFO] [whoami.mycustomdomain.com] acme: Preparing to solve DNS-01"
time="2020-03-13T04:23:35Z" level=debug msg="legolog: [INFO] cloudflare: new record for whoami.mycustomdomain.com, ID 8717da3fbfec13b96db1c3954d41377d"
time="2020-03-13T04:23:35Z" level=debug msg="legolog: [INFO] [whoami.mycustomdomain.com] acme: Trying to solve DNS-01"
time="2020-03-13T04:23:35Z" level=debug msg="legolog: [INFO] [whoami.mycustomdomain.com] acme: Checking DNS record propagation using [127.0.0.11:53]"
time="2020-03-13T04:23:35Z" level=debug msg="legolog: [INFO] Wait for propagation [timeout: 2m0s, interval: 2s]"
time="2020-03-13T04:23:35Z" level=debug msg="legolog: [INFO] [whoami.mycustomdomain.com] acme: Waiting for DNS record propagation."
time="2020-03-13T04:23:37Z" level=debug msg="legolog: [INFO] [whoami.mycustomdomain.com] acme: Waiting for DNS record propagation."
time="2020-03-13T04:23:43Z" level=debug msg="legolog: [INFO] [whoami.mycustomdomain.com] The server validated our request"
time="2020-03-13T04:23:43Z" level=debug msg="legolog: [INFO] [whoami.mycustomdomain.com] acme: Cleaning DNS-01 challenge"
time="2020-03-13T04:23:43Z" level=debug msg="legolog: [INFO] [whoami.mycustomdomain.com] acme: Validations succeeded; requesting certificates"
time="2020-03-13T04:23:49Z" level=debug msg="legolog: [INFO] [whoami.mycustomdomain.com] Server responded with a certificate."
time="2020-03-13T04:23:49Z" level=debug msg="Certificates obtained for domains [whoami.mycustomdomain.com]" routerName=whoami@docker rule="Host(`whoami.mycustomdomain.com`)" providerName=myresolver.acme
time="2020-03-13T04:23:49Z" level=debug msg="Configuration received from provider myresolver.acme: {\"http\":{},\"tls\":{}}" providerName=myresolver.acme
time="2020-03-13T04:23:49Z" level=debug msg="Adding certificate for domain(s) whoami.mycustomdomain.com"
time="2020-03-13T04:23:49Z" level=debug msg="No default certificate, generating one"
time="2020-03-13T04:23:50Z" level=debug msg="Added outgoing tracing middleware api@internal" middlewareType=TracingForwarder entryPointName=traefik routerName=api@internal middlewareName=tracing
time="2020-03-13T04:23:50Z" level=debug msg="Added outgoing tracing middleware dashboard@internal" routerName=dashboard@internal middlewareName=tracing middlewareType=TracingForwarder entryPointName=traefik
time="2020-03-13T04:23:50Z" level=debug msg="Creating middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_stripprefix@internal middlewareType=StripPrefix
time="2020-03-13T04:23:50Z" level=debug msg="Adding tracing to middleware" routerName=dashboard@internal middlewareName=dashboard_stripprefix@internal entryPointName=traefik
time="2020-03-13T04:23:50Z" level=debug msg="Creating middleware" entryPointName=traefik routerName=dashboard@internal middlewareType=RedirectRegex middlewareName=dashboard_redirect@internal
time="2020-03-13T04:23:50Z" level=debug msg="Setting up redirection from ^(http:\\/\\/[^:\\/]+(:\\d+)?)\\/$ to ${1}/dashboard/" entryPointName=traefik routerName=dashboard@internal middlewareType=RedirectRegex middlewareName=dashboard_redirect@internal
time="2020-03-13T04:23:50Z" level=debug msg="Adding tracing to middleware" entryPointName=traefik middlewareName=dashboard_redirect@internal routerName=dashboard@internal
time="2020-03-13T04:23:50Z" level=debug msg="Creating middleware" entryPointName=traefik middlewareName=traefik-internal-recovery middlewareType=Recovery
time="2020-03-13T04:23:50Z" level=debug msg="Creating middleware" routerName=traefik@docker serviceName=traefik-docker-compose middlewareName=pipelining middlewareType=Pipelining entryPointName=web
time="2020-03-13T04:23:50Z" level=debug msg="Creating load-balancer" routerName=traefik@docker serviceName=traefik-docker-compose entryPointName=web
time="2020-03-13T04:23:50Z" level=debug msg="Creating server 0 http://172.18.0.3:80" serverName=0 serviceName=traefik-docker-compose entryPointName=web routerName=traefik@docker
time="2020-03-13T04:23:50Z" level=debug msg="Added outgoing tracing middleware traefik-docker-compose" entryPointName=web routerName=traefik@docker middlewareName=tracing middlewareType=TracingForwarder
time="2020-03-13T04:23:50Z" level=debug msg="Creating middleware" middlewareType=Recovery entryPointName=web middlewareName=traefik-internal-recovery
time="2020-03-13T04:23:50Z" level=debug msg="Creating middleware" routerName=whoami@docker middlewareName=pipelining middlewareType=Pipelining serviceName=whoami-docker-compose entryPointName=websecure
time="2020-03-13T04:23:50Z" level=debug msg="Creating load-balancer" entryPointName=websecure routerName=whoami@docker serviceName=whoami-docker-compose
time="2020-03-13T04:23:50Z" level=debug msg="Creating server 0 http://172.18.0.2:80" serviceName=whoami-docker-compose entryPointName=websecure serverName=0 routerName=whoami@docker
time="2020-03-13T04:23:50Z" level=debug msg="Added outgoing tracing middleware whoami-docker-compose" routerName=whoami@docker entryPointName=websecure middlewareName=tracing middlewareType=TracingForwarder
time="2020-03-13T04:23:50Z" level=debug msg="Creating middleware" entryPointName=websecure middlewareName=traefik-internal-recovery middlewareType=Recovery
time="2020-03-13T04:23:50Z" level=debug msg="Try to challenge certificate for domain [whoami.mycustomdomain.com] found in HostSNI rule" routerName=whoami@docker rule="Host(`whoami.mycustomdomain.com`)" providerName=myresolver.acme
time="2020-03-13T04:23:50Z" level=debug msg="Looking for provided certificate(s) to validate [\"whoami.mycustomdomain.com\"]..." rule="Host(`whoami.mycustomdomain.com`)" providerName=myresolver.acme routerName=whoami@docker
time="2020-03-13T04:23:50Z" level=debug msg="No ACME certificate generation required for domains [\"whoami.mycustomdomain.com\"]." providerName=myresolver.acme routerName=whoami@docker rule="Host(`whoami.mycustomdomain.com`)"
time="2020-03-13T04:28:30Z" level=debug msg="Serving default certificate for request: \"server.home.mycustomdomain.com\""
time="2020-03-13T04:28:30Z" level=debug msg="http: TLS handshake error from 192.168.0.101:52218: remote error: tls: unknown certificate"
time="2020-03-13T04:33:30Z" level=debug msg="Serving default certificate for request: \"server.home.mycustomdomain.com\""
time="2020-03-13T04:33:30Z" level=debug msg="http: TLS handshake error from 192.168.0.101:52924: remote error: tls: unknown certificate"

Any ideas.. thanks in advance