I set up a fly app many months ago with a custom domain and certificate. When I set it up, I used only A and AAAA records, no CNAME. When I set up the app, I did successfully issue the certificate.

For some reason, the certificate now doesn’t want to validate, despite the configuration still being correct.

It looks like we’re having problems connecting to your DNS provider for this hostname. We’re trying to figure out what’s up.

My DNS is also hosted on Fly. Not sure if that helps?

Ah yeah, that might be related. I’m not sure our workers are talking to UDP services hosted on Fly apps properly.

Your DNS server isn’t serving TCP DNS, if you set that up it might get you going while we figure out the UDP issue.

We went ahead and manually issued the certs for now while we get the UDP issue diagnosed.