Do you have your own domain name, or are you using one of the domains provided by no-ip.com like
In the latter case, I don’t think it’s possible to CNAME the
_acme-challenge subdomain at all. I just tried it, and it complained both about it being too long, and an underscore causing it to be invalid.
If it’s your own domain, I was going to suggest you setup the CNAME to the acme-dns service.
e.g. Register an acme-dns account:
$ curl -X POST https://auth.acme-dns.io/register
_acme-challenge.example.com as a
fulldomain from the above (in my case,
Then follow along with https://github.com/Neilpang/acme.sh/wiki/dnsapi#45-use-acme-dns-api for autorenewing certificates.
It avoids having to acquire a second domain to put on e.g. Cloudflare. (But has the downside of trusting the operator of