I pointed a CNAME from one of my own domains to one of my tailnet machines and set up a Caddy instance to complete a DNS challenge. I didn’t have any trouble with that process on my end, everything went through A-OK, I got my cert on the first try, and was able to curl the public domain and get a response from my Caddy instance.
Given that you’re getting DNS issues, my only conclusion here is that your local DNS resolution is misconfigured or broken.
You can tell Caddy to skip local DNS resolution and use a specific server with the resolvers subdirective: tls (Caddyfile directive) — Caddy Documentation
It would look something like this:
(cloudflare) {
	tls {
		# DNS-01 challenge via the Cloudflare DNS provider plugin
		dns cloudflare <api_token>
		# Use these servers for the challenge's propagation checks instead of the host's resolver
		resolvers 1.1.1.1 1.0.0.1
	}
}
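An added diagnostic script (not part of this post, and not Caddy's own code) that makes the "local resolver vs. the resolvers Caddy is told to use" comparison concrete: it hand-builds a DNS TXT query with the standard library only, sends it over UDP to each nameserver in /etc/resolv.conf and to 1.1.1.1 / 1.0.0.1, and prints what each one returns for the _acme-challenge record. The domain on the command line is a placeholder you supply; a local server that times out or returns a different answer than the public ones is the kind of misconfiguration the post is pointing at.

```python
"""Compare local and public resolvers' view of an ACME DNS-01 TXT record.

Added diagnostic for the Caddy DNS-challenge discussion; stdlib only.
"""
import random
import socket
import struct

DNS_TYPE_TXT = 16
DNS_CLASS_IN = 1


def encode_name(name: str) -> bytes:
    """Encode 'a.example.com' as DNS labels: \\x01a\\x07example\\x03com\\x00."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError(f"bad label: {label!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name: str, txid: int, qtype: int = DNS_TYPE_TXT) -> bytes:
    """Standard recursive query: 12-byte header plus one question."""
    # id, flags (only RD set), qdcount, ancount, nscount, arcount
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, DNS_CLASS_IN)


def _skip_name(data: bytes, off: int) -> int:
    """Return the offset just past a (possibly compressed) name."""
    while True:
        length = data[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:  # compression pointer: 2 bytes, name ends here
            return off + 2
        off += 1 + length


def parse_txt_response(data: bytes, txid: int) -> list:
    """Return the TXT strings in a reply; reject wrong ids and error rcodes."""
    rid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != txid:
        raise ValueError("transaction id mismatch (stale or forged reply)")
    rcode = flags & 0x0F
    if rcode != 0:
        raise ValueError(f"server returned rcode {rcode}")
    off = 12
    for _ in range(qd):  # skip the echoed question section
        off = _skip_name(data, off) + 4
    txts = []
    for _ in range(an):
        off = _skip_name(data, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", data[off:off + 10])
        off += 10
        rdata = data[off:off + rdlen]
        off += rdlen
        if rtype == DNS_TYPE_TXT:
            pos = 0  # RDATA is a run of <len><bytes> character-strings
            while pos < len(rdata):
                slen = rdata[pos]
                txts.append(rdata[pos + 1:pos + 1 + slen].decode("utf-8", "replace"))
                pos += 1 + slen
    return txts


def query_txt(name: str, resolver: str, timeout: float = 3.0) -> list:
    """Ask one specific resolver (bypassing the host stub resolver) for TXT."""
    txid = random.randrange(0, 0x10000)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(name, txid), (resolver, 53))
        data, _ = sock.recvfrom(4096)
    return parse_txt_response(data, txid)


def local_resolvers(path: str = "/etc/resolv.conf") -> list:
    """Nameservers the host's own resolver would use (Linux/BSD layout)."""
    servers = []
    try:
        with open(path) as fh:
            for line in fh:
                parts = line.split()
                if len(parts) >= 2 and parts[0] == "nameserver":
                    servers.append(parts[1])
    except OSError:
        pass
    return servers


if __name__ == "__main__":
    import sys
    domain = sys.argv[1] if len(sys.argv) > 1 else "example.com"  # placeholder
    challenge = f"_acme-challenge.{domain}"
    for server in local_resolvers() + ["1.1.1.1", "1.0.0.1"]:
        try:
            print(server, query_txt(challenge, server))
        except (OSError, ValueError) as exc:
            print(server, "FAILED:", exc)
```

Run it as `python3 dnscheck.py your.domain.example` while Caddy is mid-challenge (or after publishing a test TXT record yourself). The public resolvers should agree; if the entries from /etc/resolv.conf time out, return NXDOMAIN, or return a stale value, that is the local resolution problem the resolvers subdirective works around.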