Currently, Railway’s TCP Proxy provides a stable way to expose raw TCP services (e.g. WebSocket game servers), but it does not support attaching custom domains or SSL certificates. This limits developers who want secure wss:// connections.

Please add support for:

• Mapping custom domains (e.g. server.mydomain.com) to TCP Proxy endpoints.

• Automatic or manual SSL/TLS certificate management (similar to how HTTP services use Let’s Encrypt).

• Optionally, exposing TCP Proxy traffic over port 443 for secure WebSocket connections (wss://).

Why it matters:
This would let developers host persistent, secure WebSocket or game servers directly on Railway — maintaining stability and ease of deployment — without needing to set up an external reverse proxy or Cloudflare tunnel. It would make Railway a complete solution for real-time apps and multiplayer backends.

Example use case:
A Node.js/Socket.IO game server using Railway’s TCP Proxy could serve players securely via wss://server.example.com, rather than a raw tcp://...railway.app:12345 endpoint.