Caddy is unable to fetch certificates for new domain

sorry to open this again, but now the my main server (the one :80 and :443 are forwarded to) stop having a certificate for my Tailscale domain, but other 3 domains I’m serving from the the same Caddy instance are working just fine.

May 06 13:40:14 azabache caddy[328148]: {"level":"debug","ts":1651844414.714738,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"azabache.narwhal-nominal.ts.net"}
May 06 13:40:14 azabache caddy[328148]: {"level":"debug","ts":1651844414.7148476,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"*.narwhal-nominal.ts.net"}
May 06 13:40:14 azabache caddy[328148]: {"level":"debug","ts":1651844414.7149622,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"*.*.ts.net"}
May 06 13:40:14 azabache caddy[328148]: {"level":"debug","ts":1651844414.7150018,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"*.*.*.net"}
May 06 13:40:14 azabache caddy[328148]: {"level":"debug","ts":1651844414.7150383,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"*.*.*.*"}
May 06 13:40:14 azabache caddy[328148]: {"level":"debug","ts":1651844414.715091,"logger":"tls.handshake","msg":"no certificate matching TLS ClientHello","server_name":"azabache.narwhal-nominal.ts.net","remote":"100.106.90.42:50309","identifier":"azabache.narwhal-nominal.ts.net","cipher_suites":[4865,4867,4866,49195,49199,52393,52392,49196,49200,49162,49161,49171,49172,156,157,47,53],"cert_cache_fill":0.0003,"load_if_necessary":true,"obtain_if_necessary":true,"on_demand":false}
May 06 13:40:14 azabache caddy[328148]: {"level":"debug","ts":1651844414.7153354,"logger":"http.stdlib","msg":"http: TLS handshake error from 100.106.90.42:50309: no certificate available for 'azabache.narwhal-nominal.ts.net'"}

Update to include Caddyfile

{
        debug
        servers {
                protocol {
                        experimental_http3
                }
        }
}

azabache.narwhal-nominal.ts.net {
        encode zstd gzip
        rewrite * /admin{uri}
        reverse_proxy localhost:1080
        log {
                output file /var/log/caddy/pihole.log
        }
}

chat.pinayalcachofa.es {
        encode zstd gzip
        reverse_proxy localhost:3000
        log {
                output file /var/log/caddy/rocket-chat.log
        }
}

manual.pinayalcachofa.es {
        encode zstd gzip
        reverse_proxy unix//var/discourse/shared/standalone/nginx.http.sock
        log {
                output file /var/log/caddy/discourse.log
        }
}

metricas.pinayalcachofa.es {
        encode zstd gzip
        reverse_proxy 192.168.10.65:3000
        log {
                output file /var/log/caddy/grafana.log
        }
}

Update 2:

after being stuck on this for a while I’ve decide to open a new topic, as it’s a different issue: No matching certificate for Tailscale domain