Cloudflare SSL letsencrypt and cloudflare

hello,

---

So i setup letsencrypt certs using the acme tool and it says it checks the A record, which at the time it matches the servers ip, now i've added cloudflare for all the domains, when i go to renew the certs in a few months will there be any issues

 

I followed the instructions but when i issue the command
./acmetool.sh certonly-issue domain.com
this is the output

-----------------------------------------------------------
[DNS mode] issue & install letsencrypt ssl certificate for domain.com
-----------------------------------------------------------
testcert value =
/root/.acme.sh/acme.sh --staging --issue --force --dns dns_cf -d domain.com -d .... -k 2048 --useragent centminmod-centos7-acmesh-dns --log /root/centminlogs/acmetool.sh-debug-log-171216-174104.log --log-level 2
[Sat Dec 17 17:41:08 UTC 2016] Using stage api:...
[Sat Dec 17 17:41:08 UTC 2016] Multi domain='DNS:..........
[Sat Dec 17 17:41:08 UTC 2016] Getting domain auth token for each domain
[Sat Dec 17 17:41:08 UTC 2016] Getting webroot for domain='domain.com'
[Sat Dec 17 17:41:08 UTC 2016] _w='dns_cf'
[Sat Dec 17 17:41:08 UTC 2016] Getting new-authz for domain='domain.com'
[Sat Dec 17 17:41:11 UTC 2016] The new-authz request is ok.
[Sat Dec 17 17:41:11 UTC 2016] Getting webroot for domain='.....
[Sat Dec 17 17:41:11 UTC 2016] _w='dns_cf'
[Sat Dec 17 17:41:11 UTC 2016] Getting new-authz for domain='.........
[Sat Dec 17 17:41:12 UTC 2016] The new-authz request is ok.
[Sat Dec 17 17:41:12 UTC 2016] Found domain api file: /root/.acme.sh/dnsapi/dns_cf.sh
[Sat Dec 17 17:41:12 UTC 2016] You don't specify cloudflare api key and email yet.
[Sat Dec 17 17:41:12 UTC 2016] Please create you key and try again.
[Sat Dec 17 17:41:12 UTC 2016] Error add txt for domain:_acme-challenge.domain.com
[Sat Dec 17 17:41:12 UTC 2016] Please check log file for more details: /root/centminlogs/acmetool.sh-debug-log-171216-174104.log

---------------------------------
DNS mode via Cloudflare DNS API
---------------------------------
setup TXT DNS record via Cloudflare API

Null message body; hope that's ok


i added the api keys to the /etc/centminmod/acmetool-config.ini so im not sure what's wrong, the txt record definitely is not added to cloudflare.

do i even need to worry about this or are cloudflare ssl's auto renewed, i couldn't find much about that online

 

i used vi, it definitely read the file as i added the pushover api at the top and even got a notification on my phone

 

[Sat Dec 17 17:41:08 UTC 2016] Lets find script dir. [Sat Dec 17 17:41:08 UTC 2 - Pastebin.com

the only thing i can thing of is maybe the way i set things up, as i initially did not have any intentions of using cloudflare

i set up the domains with lets encrypt https only and then switched all dns at registrar and then after that after its all live from cloudflare then tried this.

although then again im not sure why it says theres no api there, its not the first time ive created a file and edited it

 

would dns sec cause these issues, im going to disable it on one domain and try again

 

ya still no joy, its all good @eva2000 i appreciate your help, theres no need to look into this further as ssl will work from cloudflares side

 

Ya I got it to work @eva2000, probably in a very greasy way but i think it should be good, switched off each domains cloudflare proxy one by one, exposing the server ip, then installed the letsencrypt cert, then switched it back on after, and for good measure, disabled the acme tool cron. I figure even when the cert expires cloudflare wont care so there should be no disruption, but for good measure i did 1 site first then a few days later the rest, so when the first site expires and theres no issues then its all good, if not then ill just redo the aforementioned and within 10min everything should be good again

 

I see what your saying @eva2000, i forgot to mention that i backed up each domain and deleted it and then re-setup from menu option 2