You can’t use TLS-ALPN (lego's --tls option) when your domain is going through Cloudflare’s proxy. Cloudflare doesn’t allow non-HTTP ALPNs to pass through its CDN.
I notice that you’ve now disabled the Cloudflare proxy on your domain, since creating your post.
If you try again, I suspect it should now work.