I added the hostname *.test.example.com to an app (call it app-1). I set up the DNS and issued the wildcard certificate is issued. Routing to the App is working as expected.
Next, I create another app, app-2. To this app, I added the hostname app-2.test.example.com.
The certificate isn’t issued for this app.
Furthermore, even non-TLS (plain old HTTP) seems to be bound for app-1 instead of the more specific app-2.
What I was trying to figure out was:
If I could provision a wildcard certificate in app-1
and then create sub-domain-specific apps, and fly-proxy will be smart enough to use the wildcard cert AND route the request to the more specific hostname to the appropriate app
It seems the first app to call dibs wins.
Is there any way to tweak routing in fly-proxy so that the wildcard certificate is used for TLS handshake, and then routing is done based on the most specific hostname match (common in some proxies)?