nitriding-daemon

How to obtain HTTPS certs behind load balancer?

Open NullHypothesis opened this issue 2 years ago • 1 comments

With our current setup, it will be difficult to run more than one enclave in Kubernetes: When an enclave requests an HTTPS certificate from Let's Encrypt using the HTTP challenge, the load balancer won't know which enclave to forward incoming HTTP requests to. Some possible solutions to this:

  • Maybe there's some clever Kubernetes trick to work around this?
  • Use the DNS challenge instead, and make it possible for an enclave to set the DNS TXT record.
  • Synchronize the certificate along with an enclave's key material. But that means that we can only start a new enclave once the original enclave is done requesting its certificate.

NullHypothesis, Oct 20 '22 23:10
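The two ACME challenge types contrasted in the issue, as an added example that is not part of the original issue or of nitriding's code: HTTP-01 needs a resource served by whichever enclave the load balancer picks, while DNS-01 only needs a TXT record derived from the same key authorization (RFC 8555). The P-256 account key, the token, the domain `enclave.example.com` and all function names are assumptions made for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
)

var b64 = base64.RawURLEncoding // unpadded base64url, as ACME uses

// jwkThumbprint is the RFC 7638 thumbprint: required JWK members, sorted, no whitespace.
func jwkThumbprint(pub *ecdsa.PublicKey) string {
	x := b64.EncodeToString(pub.X.FillBytes(make([]byte, 32)))
	y := b64.EncodeToString(pub.Y.FillBytes(make([]byte, 32)))
	jwk := fmt.Sprintf(`{"crv":"P-256","kty":"EC","x":"%s","y":"%s"}`, x, y)
	sum := sha256.Sum256([]byte(jwk))
	return b64.EncodeToString(sum[:])
}

// http01Resource is what the CA fetches over HTTP; the enclave that receives the request must hold it.
func http01Resource(token string, pub *ecdsa.PublicKey) (path, body string) {
	return "/.well-known/acme-challenge/" + token, token + "." + jwkThumbprint(pub)
}

// dns01Record is the TXT record the CA looks up instead. Validation goes
// through DNS, so no inbound request has to reach a particular enclave.
func dns01Record(domain, token string, pub *ecdsa.PublicKey) (name, value string) {
	_, keyAuth := http01Resource(token, pub)
	sum := sha256.Sum256([]byte(keyAuth))
	return "_acme-challenge." + domain, b64.EncodeToString(sum[:])
}

// demoKey generates a throwaway account key (hypothetical helper for this example).
func demoKey() *ecdsa.PublicKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return &k.PublicKey
}

func main() {
	pub, token := demoKey(), "constructed-token-123" // constructed sample token
	path, body := http01Resource(token, pub)
	name, value := dns01Record("enclave.example.com", token, pub)
	fmt.Printf("HTTP-01: GET %s -> %s\nDNS-01:  %s TXT %q\n", path, body, name, value)
}
```

Computing the TXT value needs only the token and the account key; publishing it still requires the enclave to be able to update the DNS zone, which is the capability the second bullet asks for.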