extension of the free ssl certificate Let's Encrypt

ssl
dns

#1

How to set an exception in dns for ip addresses Let’s Encrypt?
that would Let’s Encrypt saw the real ip site and without problems extended the ssl certificate. And now you have to manually turn off record A through clouflare.

%D0%A1%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA
%D0%A1%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA2


#2

There is no such thing as an exception in DNS. Also, it isn’t necessary, Let’s Encrypt doesn’t need to connect directly to the server’s IP, it just needs to reach the appropriate file on your webserver (assuming you are running HTTP based verification).


#3

Could you try a different challenge or ACME client? See if your ACME client supports dns-01 or http-01, as those challenges generally work better in conjunction with Cloudflare.