caddy-dns / route53

Caddy module: dns.providers.route53
MIT License
38 stars 31 forks

challenge failed No TXT record found #43

Closed kdevan closed 2 weeks ago

kdevan commented 4 weeks ago

This took me a while to figure out, so I'm just leaving an issue here to make it easier for others to find the solution.

For some reason the propagation check will sometimes not work. In my case it seemed to work with the root domain but not subdomains. I have a mix of root domain records and subdomain records in my zone file, so maybe that's relevant? The reason is for staging and production environments. Or maybe because in my case I'm getting certs for many domains and subdomains at once? In my case I use Fly.io servers, so it could even be my cloud provider of choice? I have no idea, but this solution worked for me.

This is where I found the solution: https://caddy.community/t/timeout-waiting-for-record-to-fully-propagate/22696/2

If I turn off the propagation check and instead use a 20 second timeout, then everything works for me. The relevant Caddyfile configuration is as follows:

*.foo.bar.com, foo.bar.com {
  tls {
    issuer acme {
      dns route53
      propagation_timeout -1
      propagation_delay 20s
    }
  }
}

"issuers": [
  {
    "module": "acme",
    "challenges": {
      "dns": {
        "propagation_delay": 20000000000,
        "propagation_timeout": -1,
        "provider": {
          "name": "route53"
        }
      }
    }
  }
]

kdevan commented 2 weeks ago

Seems to be fixed with "wait_for_propagation": true now.