Hi. I'm trying to test a Let's Encrypt setup that I can use to apply Let's Encrypt certificates for my customers' 3rd-party domains, using CNAME.
I've used the following documentation as inspiration: https://letsencrypt.org/2019/10/09/onboarding-your-customers-with-lets-encrypt-and-acme.html
My domain is: Loyaltykey.com and it's using Cloudflare DNS only.
My test domain (clubloyalty.dk) is hosted at a 3rd party and I've created 2 CNAME records. One for the ACME challenge and one for the homepage.
My ACME challenge CNAME record looks like this:
_acme-challenge.clubloyalty.dk CNAME 3600 clubloyalty.loyaltykey.com
On my loyaltykey.com domain I've created a TXT record that looks like this:
clubloyalty.loyaltykey.com TXT _acme-challenge.clubloyalty.dk
I ran this command:
certbot certonly --cert-name test.clubloyalty.dk --dns-cloudflare --dns-cloudflare-credentials /path/to/cloudflarecreds --server https://acme-v02.api.letsencrypt.org/directory -d "test.clubloyalty.dk" -d clubloyalty.dk
It produced this output:
Unable to determine zone_id for clubloyalty.dk using zone names: [u'clubloyalty.dk', u'dk']. Please confirm that the domain name has been entered correctly and is already associated with the supplied Cloudflare account.
... So it looks like the ACME challenge passed, but I can't figure out why it wants to find clubloyalty.dk in Cloudflare. Is my setup even possible when using Cloudflare DNS? Wildcard certificates are not a must-have, but I want certificate renewals to be automatic.
Hope it makes sense.
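An added example, not part of the original post and not certbot's code: it models the zone lookup suggested by the error message against the records described above, with and without following the `_acme-challenge` CNAME. Assumptions: the candidate zone list is derived from the certificate name without following the CNAME, the record data is constructed from the post, and all function names are hypothetical.

```python
# Constructed sample data, taken from the records described in the post.
CNAMES = {
    "_acme-challenge.clubloyalty.dk": "clubloyalty.loyaltykey.com",
}
ACCOUNT_ZONES = {"loyaltykey.com"}  # zones the Cloudflare credentials can edit


def zone_guesses(name):
    """Candidate zone names, longest first (the list shown in the error)."""
    labels = name.rstrip(".").lower().split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]


def follow_cnames(name, cnames, max_hops=8):
    """Follow a CNAME chain to the name where the TXT record is really read."""
    seen = set()
    name = name.rstrip(".").lower()
    while name in cnames:
        if name in seen or len(seen) >= max_hops:
            raise ValueError("CNAME loop or chain too long at " + name)
        seen.add(name)
        name = cnames[name].rstrip(".").lower()
    return name


def find_zone(name, zones):
    """First candidate that is a zone in the account, else None."""
    return next((g for g in zone_guesses(name) if g in zones), None)


def plan(domain, cnames=CNAMES, zones=ACCOUNT_ZONES):
    """Compare the zone lookup with and without following the delegation."""
    challenge = "_acme-challenge." + domain
    target = follow_cnames(challenge, cnames)
    return {
        "challenge": challenge,
        "txt_name": target,  # name the validation TXT record must live at
        "zone_without_follow": find_zone(domain, zones),
        "zone_with_follow": find_zone(target, zones),
    }


if __name__ == "__main__":
    for d in ("clubloyalty.dk", "test.clubloyalty.dk"):
        print(plan(d))
```

For test.clubloyalty.dk the challenge name has no CNAME among the posted records, so it maps to no zone in the account either way.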