TL;DR: I've entered a new domain but it's not being propagated, what step have I missed:

Long form:

I'm listing a new domain, I think I'm leaving some stage out, but I can't figure out which.

The new domain is entered via the CloudFlare web portal. If I go to my own profile page, then in the Websites page, I find the domain name listed with an "Active" button. Click that... then, under:

DNS -> Records

...I find the entries I'd expect. Like:

MX [domain name] [my mail server] 50 Auto
A [domain name] [IP address] [DNS only] Auto
A www [IP address] [DNS only] Auto

So far so good. Next, on a shell, if I call

$ dig [my domain]

...the new domain comes back in the "ANSWER SECTION" listing.

But if I try to have it listed elsewhere:

$ dig @ [my domain]'s not showing up.

So I'm sure I've skipped a step somewhere. I've tried to run through it multiple times; maybe too much: it now appears twice in my cloudflare dashboard, once tagged "Active", and once tagged as "Pending Nameserver Update". Is that a clue? Like, have I thrashed this so much that I've broken it?


It's not clear to me that your question has anything at all to do with Let's Encrypt, and since you haven't given your domain, it's not really possible for us to do more than speculate about what the cause might be. But with that said, it sounds like you've failed to set the DNS glue records appropriately--the NS records for your new domain need to point only to Cloudflare's servers.


Gah. Turns out this was a typo on my end, mea culpa, sigh, etc.


