I followed the directions for using Zrok with Docker and Caddy. There is a behavior I cannot get my head around yet. If you put a random string in front of my DNS zone and navigate to it with a browser, you get a 404. If you land on the DNS zone without a subdomain in front, there is either an empty response or a tls errors, depending on if you start with port 80 or 443.
Is this a known error, or am I breaking it anew? Or do I have a fundamental misunderstanding? Thank you for any help.
openssl s_client --connect <DNS ZONE>:80
returns the self signed cert
openssl s_client --connect <DNS ZONE>:443
returns an error
openssl s_client --connect z.<DNS ZONE>:80
returns the self signed cert
openssl s_client --connect z.<DNS ZONE>:443
returns the correct wildcard certificate
