Wildcard SSL certificate served over normal SSL certificate

I've got 2 certificates, one for the root domain (example.com) and one for the wildcard subdomains (*.example.com)

Now the wildcard subdomain also supports SSL for the root domain, so traefik serve's the wildcard ssl certificate on the root domain instead of the certificate specific for the root domain

Now I've made an issue on github but maybe someone here can help.

Github link: https://github.com/containous/traefik/issues/5206

Hello @ChrisCreate,

Traefik 1.7 caches certificate responses to improve TLS performance.

In your case, because both your wildcard certificate and your other certificate are both valid, Traefik cannot know which one to choose to serve. It just uses whatever certificate is cached at the time.

If you are required to only serve one certificate for the root domain, I would suggest removing the SAN from your wildcard.