LetsEncrypt cert renewals

I just got a Certificate renewal email for one of my domains we have setup for LetsEncrypt. It makes mention of HTTP DCV, but we’ve only ever used DNS DCV.
It mentions that the reasons for the email are:

  • subdom.domain.c0m" no longer resolves to * Cloudflare’s edge, and we cannot automatically complete the renewal process.
  • Recent CA/B forum rule changes state that HTTP DCV is no longer permitted for wildcard certificates.

It goes on to ask for an update to the _acme-challenge TXT record.

We control our own DNS, so are we going to need to manually update TXT records for every domain every 3 months? My impression was that the original validation TXT values would be accepted when the system needed to renew. We’ve only just started using Cloudflare, so this is the first time renewals have come up.

Also, I’m not sure what the HTTP DCV message is about since we’ve only ever used DNS DCV. The DNS cname for subdomain.domain.c0m still points to Cloudflare.

Thanks for the help

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.