I set up a fly app many months ago with a custom domain and certificate. When I set it up, I used only A and AAAA records, no CNAME. When I set up the app, I did successfully issue the certificate.
For some reason, the certificate now doesn’t want to validate, despite the configuration still being correct.