TLS Gotchas

• Problem: When using split DNS, cert-manager will fail propagation check if DNS is not set properly.

  Solution: Add host to local DNS resolver config and restart before requesting the cert. If both an upstream and coredns are used, either restart both or wait for the cache to expire in coredns.