SSL certificate for multiple domains and multiple machines

Hi,

I have a bit of an advanced networking situation.

I have two machines acting as servers on the same local network. One has a personal Unraid server running on it and the other has a work HA OS running on a Proxmox setup. The Unraid server acts as the main proxy with two domains pointed to it and then SWAG/Cloudflare-DDNS runs on that directing subdomains of one of the domains to the various containers hosted on Unraid. The other domain is actually just a subdomain configured to direct to the other local machine entirely (the HA one). The full domain is a website hosted on a third-party server.

The problem I have is the SSL certificates. Should these be grabbed and stored on the Unraid machine or on the HA machine? I would have thought HA as that is the actual server serving the files/pages when you access that domain.

If that’s the case, what do I need to do to get that certificate on HA?

At the moment I have just been able to access HA remotely using https://whatever.address and then ignoring the SSL warning. But that means I can’t use the companion app or Fully Kiosk browser on a tablet.

Maybe this is less of a Home Assistant thing and more of a SWAG/SSL/proxy thing.

Any advice?

Thanks

For simplicity probably the single server should act as the proxy and provide cert, assuming both servers are in same local network.

You can redirect queries to sub domain and provide cert there but I think that gets messy and confusing.

I have my proxy direct traffic to local servers/services and provide cert. The services are connected to proxy as http so all local is http and only https when accessed through proxy/domain name.
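
The layout described in the reply above, sketched as an added example that is not part of the original thread: the SWAG (nginx) proxy on Unraid holds the certificate and forwards to Home Assistant over plain HTTP on the LAN. The hostname `ha.example.com` and both `192.168.1.x` addresses are placeholders, and the Home Assistant port 8123 is assumed to be the default.

```nginx
# Added example, not from the thread. Site config on the SWAG proxy.
# ha.example.com and 192.168.1.50 are placeholders for the HA subdomain
# and the LAN address of the Home Assistant machine.
server {
    listen 443 ssl;
    server_name ha.example.com;

    # TLS terminates here: the certificate and private key stay on the proxy.
    # The certificate SWAG requests must list this hostname; a name outside
    # the main domain goes in SWAG's EXTRA_DOMAINS setting.
    include /config/nginx/ssl.conf;

    location / {
        # Plain HTTP on the LAN hop, as in the reply. This leg is
        # unencrypted, so it should never leave the local network.
        proxy_pass http://192.168.1.50:8123;
        proxy_http_version 1.1;

        # Pass the original host and client address to Home Assistant.
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        # WebSocket upgrade, used by the HA frontend and companion app.
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}

# Home Assistant side (configuration.yaml): HA rejects proxied requests
# unless the proxy is listed explicitly. List only the proxy's address,
# not the whole subnet, so other LAN hosts cannot spoof X-Forwarded-For.
#
#   http:
#     use_x_forwarded_for: true
#     trusted_proxies:
#       - 192.168.1.10   # placeholder: address HA sees the proxy connect from
```

With this in place the browser, companion app and kiosk tablet see only the proxy's publicly trusted certificate, and no certificate is needed on the Home Assistant machine itself.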