- Use cloudflare to get an api token
- Set an a record for a wildcart cert *.domain.com pointing towards your servers local IP such as 192.168.0.1, turn off cloudflare proxy
- Go into NPM and setup the SSL cert using dns challenge and your api token
- setup a proxy host user your subdomain.domain.com pointing towards your docker container
- key step!!! make sure you do not have conflicting ports 80 and 443 on your machine. On unraid the device management ports are set to this, but for NPM to do local proxies, it needs access to these ports.
Or you can do the dns challenge for letsencrypt
The DNS-01 challenge can be used to generate a wildcard by creating the requested dns record in your public dns zone, then you can use that cert for internal servers/dns. With certain dns providers it can even be automated.
https://eff-certbot.readthedocs.io/en/stable/using.html#third-party-plugins