Cloudflare

Create verification records in Cloudflare DNS

Plugin type DNS validation
Download Version v2.3.3. Look for older releases on GitHub for files named like plugin.validation.dns.cloudflare.v2.x.x.zip
Chocolatey
choco install simple-acme-validation-dns-cloudflare 
(details)
Compatibility All platforms

Description

Create the record in Cloudflare DNS. To use this plugin you’ll need to obtain a Cloudflare API Token (not Key) that is allowed to read and write the DNS records of the zone your domain belongs to.

Create an appropriate API Token

  1. Navigate here: https://dash.cloudflare.com/profile/api-tokens
  2. Click Create Token
  3. Choose a name
  4. Under Permissions, select “Zone”, “DNS”, “Edit”; Click Add More, select “Zone”, “Zone”, “Read”
  5. Under Zone Resources, select “Include”, “All zones” (or “All zones from an account” and select the relevant account).
    • Note that restricting access to the single target zone does not work, as we can not get the zone’s id by its domain name then. You might be able to exclude other zones specifically. If this is a showstopper for you please open an issue to discuss how to proceed.
  6. Finish creating the token, store it in a safe place or, better, paste it directly into simple-acme.

Plugins needs to be unpacked into a folder called %programdata%\simple-acme\plugins. Depending on how you downloaded the file, you may have to unblock the .dll files before your computer will trust them. You can do that from the File Explorer by using the right mouse button and then checking the `Unblock` box on the General tab.

To verify that the plugin is properly installed you can start the main executable with ‑‑verbose and it will print information about found and loaded plugins at start up. When the plugin is loaded, it manifests itself as extra menu choices and command line parameters being made availalbe.

All releases published to third party package managers like Chocolatey and NuGet support plugins, but if you download simple-acme manually, you must choose a pluggable version instead of the trimmed one to use it.

Command line

--validation cloudflare Activates the plugin
‑‑cloudflareapitoken API Token for Cloudflare.

You may pass the secret in plain text, but can also use a reference to the secret vault like "vault://json/mysecret".

Examples

Typical --validation cloudflare ‑‑cloudflareapitoken *****

JSON

ID 73af2c2e-4cf1-4198-a4c8-1129003cfb75

Looking for win-acme?

simple-acme is a backwards compatible, drop-in replacement built by the same person. Project history.