certificate system working?

Last night I was able to set up a certificate for an app, but today it doesn’t seem to be working. I configured the “challenge” several hours ago but it isn’t registered as confirmed. I tried creating the A / AAAA records but got SSL errors so I quickly reverted to my old DNS settings.

Not sure if it is related - but in the app I created this morning I also had to manually create IP addresses (flyctl ips). This wasn’t a big deal but I didn’t have to go through that step yesterday when I set up my staging app, so I’m curious about what changed or what inadvertent different thing I did.

update: I was able to get it working by creating the challenge records, deleting the certificate, then creating a new certificate.