Hi,
We’re experimenting with Argo Tunnel on a Windows box.
The Windows box runs a website on port 443 which is secured using a wildcard certificate which has *.internaldomain.com as the common name.
We can see Argo Tunnel create a tunnel but when we connect from outside through Cloudflare we can see the errors below in Argo Tunnel “x509: certificate signed by unknown authority”
The certificate is from DigiCert so isn’t an “unknown authority” – what are we missing please? 
PS C:\Cloudflared-stable-windows-amd64> .\Cloudflared.exe --hostname files.externaldomain.com --origin-server-name *.internaldomain.com https://localhost:443
←[36mINFO←[0m[0000] Cloudflared will not automatically update when run from the shell. To enable auto-updates, run Cloudflared as a service: https://developers.cloudflare.com/argo-tunnel/reference/service/
←[36mINFO←[0m[0000] Proxying tunnel requests to https://localhost:443
←[33mWARN←[0m[0000] error obtaining the system certificates: %scrypto/x509: system root pool is not available on Windows
←[36mINFO←[0m[0000] Starting metrics server ←[36maddr←[0m="127.0.0.1:54651"
←[36mINFO←[0m[0001] Connected to LHR
←[36mINFO←[0m[0002] Connected to MAN
←[36mINFO←[0m[0003] Connected to LHR
←[36mINFO←[0m[0004] Connected to MAN
←[36mINFO←[0m[0013] GET https://localhost:443/ HTTP/1.1 ←[36mCF-RAY←[0m=414264ebfb926a25-LHR
←[31mERRO←[0m[0013] HTTP request error ←[31merror←[0m="x509: certificate signed by unknown authority"
←[36mINFO←[0m[0013] GET https://localhost:443/ HTTP/1.1 ←[36mCF-RAY←[0m=414264ecec9b6a25-LHR
←[31mERRO←[0m[0013] HTTP request error ←[31merror←[0m="x509: certificate signed by unknown authority"