Since CloudFlare can be integrated into the Panel so you have the API creds, would be great to choose to obtain the SSL certs via DNS validation rather than HTTP. certbot-dns-cloudflare.readthedocs.io/en/stable/
I have some use cases where with exception for some IPs, all requests are redirected to something else. Another case is when the home page redirects to something else with exception for a few subdirectories and becomes complicated to only allow .well-known.
When migrating or starting new development projects, the origin domain is normally located on another server with the IP pointing there. It cannot be replaced to get the SSL so letsencrypt accept the option to get the certificate using CNAME records instead. https://community.letsencrypt.org/t/how-to-issue-ssl-to-client-domain-via-cname-records/128079
This is done using the dns01-challenge https://letsencrypt.org/docs/challenge-types/#dns-01-challenge This allow to create also domains when DNS for the domain are not public yet (using local hosts file to work on them) and allow to do zero downtime migrations.
This also helps with the problem with cloudflare using grey or orange, as the IP is not important anymore.
It is a basic feature for letsencrypt and I hope you can consider it. Thanks
Dennis moved item to board Live11 months ago
Dennis moved item to board In progress11 months ago
Dennis moved item to board Planned1 year ago
Dennis moved item to project Site Level Requests1 year ago
Dennis opened1 year ago