so, the proxy finds your correct cert file and serves this? i had to add the specific domain and put all the cert files into the (one and only) default store to make one traefic use the correct tls cert for each subdomain...
http:
routers:
example1:
rule: "Host(`sub.example.com`)"
service: "sub-service"
entryPoints:
- web-http
- web-https
tls:
domains:
- main: "sub.example.com"
hth, marcel