Traefik 502 Error Routing to SSL Port of Another Container

Hello,

I'm trying to get Pterodactyl working through Traefik through Podman on Fedora 36. I should preface that Traefik works great on Podman with File as I have about 35-40 services running through it currently. I'm having an issue with Pterodactyl and the Wings server however and can't figure out the issue.

The Panel server is running on the same host as Traefik and has the following ports mapped (82:80, 445:443). I can get the Panel working with the following Entrypoint, Service and Router configuration below:

websecure:
    address: :443
    http:
      tls:
        options: default
        certResolver: letsEncrypt
        domains:
          - main: "mydomain.com"
            sans:
              - "*.mydomain.com"

    panel:
      loadBalancer:
        passHostHeader: true
        servers:
          - url: http://192.168.10.200:82

    panel:
      rule: (Host(`panel.mydomain.com`))
      service: panel
      entryPoints:
        - "websecure"

My issue occurs once I try to add a Wing server into the configuration which wants to talk over port 443. I've spun up a stand-alone Debian server and have the Wing agent installed via docker and is working accordingly.

I've added the wing server using the same entrypoint above (like all my other services) but I keep getting 500 and 502 errors. I know it is set up through the proxy correctly though because prior to the 500 and 502 errors I was getting CORS errors on the Panel page. Adding the appropriate Middleware fixes this error.

Further reading on the Pterodactyl configuration mentions that both Panel and Wing server want to talk over SSL exclusively, so I tried changing my service to match against https://192.168.10.200:445 which has worked for other devices in my network that have SSL matched to a different port. But this does not work and results in a 500 or 502 error. I assume this is because the container is on the same host as the proxy but am not certain.

I then though perhaps it was the entrypoint causing an issue as it's mapped to 445 instead of 443, so I changed my configuration to the following Entrypoint, Service and Router below:

  panel:
    address: :445
    http:
      tls:
        options: default
        certResolver: letsEncrypt
        domains:
          - main: "mydomain.com"
            sans:
              - "*.mydomain.com"
    panel:
      loadBalancer:
        passHostHeader: true
        servers:
          - url: https://192.168.10.200:445
    panel:
      rule: (Host(`panel.mydomain.com`))
      service: panel
      entryPoints:
        - "panel"

This however leads to a 404 error due to the change of entrypoint. I'm running podman in root mode (yes, shame on me), and the network for my containers on the host is bridged mode. I've created the proper DNS entries on my DNS servers internally, I've created the proper public A records in Cloudflare. I'm not certain what the hiccup is here and need some assistance!

I'm happy to pull logs if needed but will need some direction in providing the proper lines as needed. I'm running Jaeger tracing but I can't seem to pull anymore meaningful information from it that the web console log doesn't already show.