Good evening! I’m using Cloudflare for DNS Server from several domains .com.br, .com, etc and generally have no problem using let’s encrypt if I need direct access without going through Cloudflare’s CDN, but I’m facing the problem with a client .
In this client I have Ubuntu 20.04 with Certbot installed by snap install certbot --classic, I am not using CDN for this host and when I try to generate the certificate (this application does not work well with CDN), it gives the following error:
DNS problem: query timed out looking up CAA for <host.domain>.com.br
I would like to know what I can do other than create for each host manually an entry of type CAA in cloudflare releasing to the letsencrypt.org server.
Manually creating the CAA entry works (I had to do this urgently), but having to manually create this entry for each host is not feasible.