Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
Well, that's a fairly complex set of pieces and you haven't given many details to work with.
Are you specifically concerned with problems just with your apex domain: cffsapps.net ?
Because that is behind Cloudflare's CDN. Which is acquiring certs with its Universal SSL for use in its edge locations. But I see HTTPS connections to your apex working fine so I am puzzled what the problem is there.
I see you recently got certs for various subdomains of that domain. Is it one or more of those that is a problem?
Are you using Traefix running inside Docker to get a cert for HTTPS between the CDN Edge and your Origin server?
I have so many questions about your post I am not sure where to begin. Any more details would be helpful. Errors from a log would be better than just "certificate field says null".