We are hosting a few servers on AWS on of them is the URL above. I'm using Certify the Web to generate SSL certificates and get the following issue:
2023-10-05 11:19:11.538 +02:00 [INF] Domain validation failed: trial.platformmanager.com
Incorrect TXT record "dfc259b9-7f61-48f6-a284-07dd280e409b.auth.acme-dns.io" found at _acme-challenge.trial.platformmanager.com Forbidden urn:ietf:params:acme:error:unauthorized
2023-10-05 11:19:11.967 +02:00 [INF] DNS: Deleting TXT Record '_acme-challenge.trial.platformmanager.com', in Zone Id '' using API provider 'acme-dns DNS API'
2023-10-05 11:19:12.292 +02:00 [INF] Validation of the required challenges did not complete successfully. Domain validation failed: trial.platformmanager.com
Incorrect TXT record "dfc259b9-7f61-48f6-a284-07dd280e409b.auth.acme-dns.io" found at _acme-challenge.trial.platformmanager.com Forbidden urn:ietf:params:acme:error:unauthorized
This message indicates that CTW is expecting to use acme-dns for validation, but your DNS for your domain is hosted by Cloudflare, and there's no CNAME record that would point _acme-challenge.test.platformmanager.com to an acme-dns server (either yours (preferred) or auth.acme-dns.io (less-preferred)). So either you need to recreate that CNAME record, or you need to use CTW to use a different validation method--perhaps DNS validation via Cloudflare.
Edit: the CNAME record would look something like this: _acme-challenge.notes.familybrown.org. 300 IN CNAME 1c1dd8a2-8273-47a1-b334-8933dfb2504d.acme.familybrown.org
It should have been to a subdomain of a domain they owned, rather than to acme-dns.io--the latter is really intended for testing, not for production use, as acme-dns is intended to be self-hosted. But it's true that the sample implementations for acme-dns do default to auth.acme-dns.io. Regardless, though, my example was as "something like this;" certainly the domain would be different in any event.
I agree, but I'm not sure if "would look something" is a strong enough hint for people NOT to put that in literally instead of learning more about acme-dns and spinning up their own instance of it.