[question/help] tls requirement for shadow-tls

[raberto-nowhere]

Hi there, does shadow-tls require acme or a valid tls certificate?

i think i will be putting shadow-tls+shadowsocks behind caddy (also hosting other website and webapp) which will bring a real tls certificate but i am a little confused with this part

It works like trojan but it does not require signing certificate. The firewall will see real tls handshake with valid certificate that you choose.

does this mean that we don't need acme/letsencrypt and that the valid certificate will be from a website on the whitelist which specified in the sni?

[raberto-nowhere]

I think i determined that traefik can't be used since HostSNI requires TLS. it makes sense since sni is a extension of tls.