Ah I see what’s going on.
You enabled on_demand for your *.wild.domains.net. This means Caddy will not attempt to fetch a wildcard cert at server-start because it was marked as On-Demand.
Your wildcard site blocks should not have on_demand, so that Caddy manages certs for those up-front.