TLS and SSL for https access to the API webinterface on 8080

For my use case I don’t want to set up a proxy if I can avoid it - in v3 it was very conveniently solved.
Yesterday I tried to set it up in v4 (docker), but I didn’t succeed.

In v3 I was using:
docker-compose.yml

  chirpstack-application-server:
    image: chirpstack/chirpstack-application-server:3
    ports:
       - 443:8080

and in chirpstack-application-server.toml

  [application_server.external_api]
  bind="0.0.0.0:8080"
  jwt_secret="verysecret"

 # http server TLS certificate (optional)
 tls_cert="...../chirpstack-application-server-api-server.pem"

 # http server TLS key (optional)
 tls_key="...../chirpstack-application-server-api-server-key.pem"

In v4 I configured:

# API interface configuration.
[api]
  # interface:port to bind the API interface to.
  bind="0.0.0.0:8080"
 secret="my-secret....."

[backend_interfaces]
  # interface:port to bind the Backend Interfaces API to.
  bind="0.0.0.0:8081"
  ca_cert="...../my_ca.crt"
  tls_cert= "...../chirpstack-application-server-api-server.pem"
  tls_key="...../chirpstack-application-server-api-server-key.pem"

In docker-compose.yml I was trying to map the ports:
- 443:8080 → no connection (obviously 8080 is no TLS endpoint)
- 443:8081 → no connection
The bind port in [api] and [backend_interfaces] obvioulsy have to be different ones, otherwise the container doesn’t start (port already bound).

Anyone got an idea what I’m missing to make it work or isn’t it supported in v4 anymore?