We have been improving how certificate errors are presented recently, as discussed in A bundle of improvements to certificates.
One error that wasn’t properly caught at that time was a rate limit error passed through from Let’s Encrypt. Their rate limits can be hit if you remove and re-add a certificate too frequently, or if you issue too many certificates on one hostname. Until now your certificate would appear configured, but not issued, and would hang there for some arbitrary amount of time.
We now pass these errors through to the dashboard and flyctl, so you can see how long the hostname has been limited for. Plus, we schedule issuance to retry automatically once the rate limit expires.