My domain is: freedle.xyz
I ran this command: (none)
It produced this output: Someone got a certificate issued for my domain
My web server is (include version): (n/a)
The operating system my web server runs on is (include version): (n/a)
My hosting provider, if applicable, is: namecheap for registrar, Cloudflare for nameservers
I can login to a root shell on my machine (yes or no, or I don't know): (n/a)
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): (n/a)
I received an email from cloudflare's certificate transparency thing, advising me that a Let's Encrypt certificate was issued for a domain I control/own. I did not issue a request for this certificate and my auto-renew script does not call for an SSL certificate for this domain. How did this get issued and how can I ensure this does not happen in future? I have full 2fa set up on my entire chain.
Details from the cloudflare email:
Log date: 2023-01-02 02:48:17 UTC
Issuer: CN=E1,O=Let's Encrypt,C=US
Validity: 2023-01-02 01:48:17 UTC - 2023-04-02 01:48:16 UTC
DNS Names: *.freedle.xyz, freedle.xyz