Can i use the API token created with domain in PENDING?


I just redirected my Nameservers to my new account in Cloudflare. It says that it can take 24hours to get domains in Cloudflare. I created an API token to Edit DNS zones in order to be able to use the api with Lets Encrypt.

I wonder if i can create my certificates now or I have to wait until domain leaves “pending” status.

I say this because i am trying to create certificatres with lets encrypt but it fails so I would like to know if this could be the cause.


So your question is, if you can change DNS records programmatically, as long as your domain is still pending?

I’d think so, but trying it out should be faster than posting here :wink:

Also, if you changed the nameservers, the verification should be way faster than 24 hours, unless you already clicked the recheck button a million times, in which case it may really take longer.

What’s the domain?

Mmmm I am trying to use the API token created for the domain “”. This api token is going to be used to get a SSL certificate for Lets Encrypt using an integration of “certbot”. This integration needs access via API to create a dns only record to retrieve a value in order to check I am the owner.

Once it is validated the SSL certificates can be generated. So my question is if this API is accessible while the domain is in “pending”.

Sorry for the bad explanation.

That domain is currently not using Cloudflare nameservers, hence it is pending.

Also, an API token won’t help you with a Let’s Encrypt certificate.

But again, have you tried it?

It is clear.

Yes, I tried it and I receive an error from certbot. This error is not really “friendly”:

Some challenges have failed.
Ask for help or search for solutions at ****. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

at ChildProcess.exithandler (node:child_process:399:12)
at ChildProcess.emit (node:events:526:28)
at maybeClose (node:internal/child_process:1092:16)
at Process.ChildProcess._handle.onexit (node:internal/child_process:302:5)

Well, that error message is something you need to clarify with Let’s Encrypt.

It may be easier for you to just get an Origin certificate.

And yes, pending domains can still be used via the API to configure DNS records.

So the problem is not related with “Pending Namveserver”?

I just read that Namesaerver changes is still pending until my ownership is validated. Taking this into account, it would not make sense that I could generate ssl from a domain pending to be validated.

Is this correct?

Your domain is currently not set up at all for Cloudflare. So any questions will have to be directed to your host.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.