Cloudflare SSL Full (Strict) can't create Let's Encrypt SSL

Discussion in 'ISPConfig 3 Priority Support' started by ktownmods, Nov 17, 2019.

  1. ktownmods

    ktownmods Member HowtoForge Supporter

    Hey,

    I have my website on Cloudflare and use the SSL Full (Strict) option there.

    But since then, Let's Encrypt can't create certs on new domains.

    (DNS records exist; if I turn the SSL setting to Flexible, it works.)

    So what can I do so that I don't always have to set it to Flexible?
     
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

  3. ktownmods

    ktownmods Member HowtoForge Supporter

    I can't follow your answer...
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    According to the symptoms of your issue, it seems as if Cloudflare blocks the requests made by LE to reauthenticate the cert on renewal. You should contact Cloudflare support and ask them, or maybe there is something in the Cloudflare knowledge base about that. Or try to use Cloudflare rules to exclude the path /.well-known/acme-challenge/ on your domain from strict mode, if such an option exists.
     
    ahrasis and ktownmods like this.
  5. ktownmods

    ktownmods Member HowtoForge Supporter

    I'll try it if Let's Encrypt has fixed the issue that they have right now...
     
  6. ktownmods

    ktownmods Member HowtoForge Supporter

    @till is acme-v02 supported by ISPConfig?
     
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    Yes, it's used by default. But only with domain auth, not DNS auth. So Cloudflare must allow domain auth requests from LE.
     
    ktownmods likes this.
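
A check of the path till names, as an added example (not code from the thread or from ISPConfig): it requests a probe file under /.well-known/acme-challenge/ over plain HTTP, the way domain auth does, records every redirect hop, and flags Cloudflare's 525/526 responses, which mean the proxy could not complete TLS to the origin. The domain, token name and file content are constructed placeholders, and it assumes you have placed the probe file where your web server serves that path from.

```python
import urllib.error
import urllib.parse
import urllib.request

CHALLENGE_PREFIX = "/.well-known/acme-challenge/"  # path named in the thread
ORIGIN_TLS_ERRORS = {525, 526}  # Cloudflare: origin TLS handshake failed / origin cert invalid


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None  # surface 3xx as HTTPError so every hop can be recorded


def fetch_hop(url):
    """One GET without following redirects: (status, Location or None, body)."""
    opener = urllib.request.build_opener(_NoRedirect)
    try:
        with opener.open(url, timeout=10) as resp:
            return resp.status, None, resp.read(512).decode("latin-1")
    except urllib.error.HTTPError as err:
        return err.code, err.headers.get("Location"), err.read(512).decode("latin-1")


def check_challenge(domain, token, expected, fetch=fetch_hop, max_hops=10):
    """Request the probe file over plain HTTP, as domain auth does, and classify the result."""
    url = f"http://{domain}{CHALLENGE_PREFIX}{token}"
    trail = []
    for _ in range(max_hops):
        status, location, body = fetch(url)
        trail.append((url, status))
        if status in (301, 302, 303, 307, 308) and location:
            url = urllib.parse.urljoin(url, location)  # follow the hop ourselves
            continue
        if status == 200:
            verdict = "ok" if body.strip() == expected else "mismatch"
        elif status in ORIGIN_TLS_ERRORS:
            verdict = "origin-tls-error"
        else:
            verdict = "http-error"
        return verdict, trail
    return "too-many-redirects", trail


if __name__ == "__main__":
    # example.com, the token name and the file content are constructed placeholders.
    verdict, trail = check_challenge("example.com", "probe-token", "probe-content")
    for hop_url, hop_status in trail:
        print(hop_status, hop_url)
    print(verdict)
```

A trail that starts on http:// and ends on an https:// hop with `origin-tls-error` means the request was redirected to HTTPS before it reached the origin, while `mismatch` on the first hop means something other than the probe file answered the request.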
