The edge certificate for the domain spreek.nl keeps to show the status “Pending Validation (TXT)” . Already for more than 48 hours.
As a possible solution, I now added the TXT snippets to the DNS (_acme-challenge.spreek.nl), but without result.
I also did a DNSSEC test, but this also seems to work correct: https://dnsviz.net/d/spreek.nl/dnssec
Nevertheless, I do see your domain has got DNSSEC enabled.
When I do check the DNSSEC, I see there are DS records added, and no DNSSEC issue. It seems to me like DNSSEC was enabled before you changed your domain nameservers to Cloudflare.
If you recently changed your domain nameservers, have you checked if the DNSSEC was disabled and any DS records removed at your domain registrar before domain nameservers were changed?
Kindly, I’d suggest you to contact and ask your domain registrar to disable DNSSEC for your domain and remove any of the existing DS records at their interface.
Nevertheless, you might have to wait up to 48 or 72 hours for proper DNS propagation and to clear the DS/DNSSEC entries for your domain name.
Unfortunately, this is a know “issue”, or rather to say it happens. Before we change domain nameservers, we should make sure we disable the DNSSEC feature and remove any of the existing DS type of DNS records for our domain at our domainr registrar.
Using Cloudflare nameservers for your domain name at your domain registrar
Proxied at least one DNS record (hostname) like example.com at the DNS tab of Cloudflare dashboard
Furthermore, may I ask if your domain is still in “Pending nameserver check” status at Cloudflare dashboard? If yes, then that would be one more reason why it isn’t issued → nameservers not CF’s and DNSSEC enabled.
You should disable DNSSEC and remove any of the existing DS records at your domain registrar before changing domain nameservers and wait up to 48 hours to fully clear up. After that, you proceed with the process further. Otherwise, if you did not done this step, this is the cause of NXDOMAIN error.