Getting error for Cloudflare certbot

I am using Cloudflare certbot with its Global API key. Earlier the entire process was flawless. Now in first attempt I get this kind of error message. In Second attempt same thing works.

root@example:~/.secrets# certbot certonly --dns-cloudflare --dns-cloudflare-credentials /root/.secrets/cloudflare.ini -d,* --preferred-challenges dns-01
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Enter email address (used for urgent renewal and security notices)
(Enter 'c' to cancel):

Please read the Terms of Service at You must
agree in order to register with the ACME server. Do you agree?

(Y)es/(N)o: Y

Would you be willing, once your first certificate is successfully issued, to
share your email address with the Electronic Frontier Foundation, a founding
partner of the Let's Encrypt project and the non-profit organization that
develops Certbot? We'd like to send you email about our work encrypting the web,
EFF news, campaigns, and ways to support digital freedom.

(Y)es/(N)o: N
Account registered.
Requesting a certificate for and *
Waiting 10 seconds for DNS changes to propagate

Certbot failed to authenticate some domains (authenticator: dns-cloudflare). The Certificate Authority reported these p roblems:
Type: unauthorized
Detail: Incorrect TXT record "fsYVAf4TJV3Ud-rFsLLdV_sxTrIBJAb_rJYiTfGJJL8" found at

Hint: The Certificate Authority failed to verify the DNS TXT records created by --dns-cloudflare. Ensure the above doma ins are hosted by this DNS provider, or try increasing --dns-cloudflare-propagation-seconds (currently 10 seconds).

Some challenges have failed.
Ask for help or search for solutions at See the logfile /var/log/letsencrypt/letsenc rypt.log or re-run Certbot with -v for more details.

What is weird that - when I request cert req command again it just works.

certbot certonly --dns-cloudflare --dns-cloudflare-credentials /root/.secrets/cloudflare.ini                                                  -d,* --preferred-challenges dns-01

This happened two times since yesterday.

What happens when you increase the propagation delay to, say, 60 seconds?


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.