Unable to verify locally provided SSL certificates #2233

@Vixenary

Describe the bug

I'm currently trying to use my own SSL certificates per the instructions in https://github.com/opencloud-eu/opencloud-compose/tree/main?tab=readme-ov-file#use-certificates-from-the-certs-directory.

Steps to reproduce

  1. Set up OpenCloud via the instructions in https://docs.opencloud.eu/docs/admin/getting-started/container/docker-compose/docker-compose-base/.
  2. Set up local SSL certificate files via the instructions in https://github.com/opencloud-eu/opencloud-compose/tree/main?tab=readme-ov-file#use-certificates-from-the-certs-directory.
  3. Attempt to log in to my OpenCloud: https://cloud.dollpops.com.

Expected behavior

I expect that OpenCloud is able to successfully verify my signed certificates.

Actual behavior

I receive the following error:

{"level":"info","service":"proxy","proto":"HTTP/1.1","request-id":"135e6860-c482-4a6d-a1b9-70f62ef43a58","traceid":"ab96ae381305749926b817d68acb131a","remote-addr":"23.234.84.53","method":"POST","status":401,"path":"/api/v0/settings/roles-list","duration":2.72926,"bytes":0,"time":"2026-01-29T04:43:51Z","line":"github.com/opencloud-eu/opencloud/services/proxy/pkg/middleware/accesslog.go:34","message":"access-log"}
{"level":"error","service":"proxy","error":"failed to verify access token: Get \"https://cloud.dollpops.com/.well-known/openid-configuration\": tls: failed to verify certificate: x509: certificate signed by unknown authority","authenticator":"oidc","path":"/graph/v1.0/me","user_agent":"Mozilla/5.0 (X11; Linux x86_64; rv:147.0) Gecko/20100101 Firefox/147.0","client.address":"23.234.84.53","network.peer.address":"","network.peer.port":"","time":"2026-01-29T04:43:51Z","line":"github.com/opencloud-eu/opencloud/services/proxy/pkg/middleware/oidc_auth.go:198","message":"failed to authenticate the request"}
{"level":"info","service":"proxy","proto":"HTTP/1.1","request-id":"6ff5acb7-744f-4baf-acc0-5ecf017aeb71","traceid":"bb733844446de5133009dfb6e043862c","remote-addr":"23.234.84.53","method":"GET","status":401,"path":"/graph/v1.0/me","duration":4.748764,"bytes":0,"time":"2026-01-29T04:43:51Z","line":"github.com/opencloud-eu/opencloud/services/proxy/pkg/middleware/accesslog.go:34","message":"access-log"}
{"level":"info","service":"storage-system","host.name":"134e8ae1eec7","pkg":"rgrpc","traceid":"dd3b1a0540af70c93ceea7ec5455d669","time":"2026-01-29T04:44:30Z","line":"github.com/opencloud-eu/reva/v2@v2.42.1/internal/grpc/services/authprovider/authprovider.go:146","message":"user idp:\"internal\"  opaque_id:\"1137aea4-17b9-4abc-8902-5f444a77cb7f\"  type:USER_TYPE_SERVICE authenticated"}

Setup

Environment file: env.txt
Traefik certs.yml: certs.txt

Additional context

  • My SSL certificate is a wildcard certificate managed by my domain registrar. The certificate is valid through August of 2026.
  • I was able to log in previously when OpenCloud was using SSL through Let's Encrypt.
  • My browser recognizes my SSL certificate
