Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
I ask because I see your main domain name sapakreatif.com server is using a Cloudflare cert which you got on Jan16 2022 which does not expire for a year.
Before you setup Cloudflare you got a cert from Let's Encrypt (maybe with cPanel?) on Jan5 2022.
I am guessing the cert you got on Jan5 needs to be changed for your newer Cloudflare configuration. But, it would help if you would explain what you are trying to do. Thanks
If you originally set up your certificate with DNS validation in cPanel, it means you were using cPanel nameservers for your domain at the time.
I would guess that you have since moved your domain to Cloudflare nameservers. This means that you can no longer use the DNS validation method within cPanel, because cPanel does not have access to modify your DNS records in Cloudflare.
What you can do is login to cPanel and recreate the certificate through the Lets Encrypt SSL interface, choosing the HTTP validation method instead.
I was trying to renew my SSL Certificate, and yes, my certificate was registered before I configured the Cloudflare.
Oh, and I didn't that cPanel can't modify my records in Cloudflare. So, I'll have to delete my current certificate and issue a new one using the HTTP method?
NXDOMAIN means that subdomains don't exist as well. If a subdomain exists, but there's just no record for the subdomain level being requested, it should still return NOERROR. (So if _acme-challenge.name.example is supposed to have a TXT record, then name.example needs to return NOERROR with no records instead of NXDOMAIN.) This has been a common source of confusion in some DNSSEC implementations, though.