Cloudflare

Create verification records in Cloudflare DNS

Plugin type DNS validation
Download Version v2.3.2. Look for older releases on GitHub for files named like plugin.validation.dns.cloudflare.v2.x.x.zip
Chocolatey 
choco install simple-acme-validation-dns-cloudflare
(details)
Compatibility All platforms

Description

Create the record in Cloudflare DNS. To use this plugin you’ll need to obtain a Cloudflare API Token (not Key) that is allowed to read and write the DNS records of the zone your domain belongs to.

Create an appropriate API Token

  1. Navigate here: https://dash.cloudflare.com/profile/api-tokens
  2. Click Create Token
  3. Choose a name
  4. Under Permissions, select “Zone”, “DNS”, “Edit”; Click Add More, select “Zone”, “Zone”, “Read”
  5. Under Zone Resources, select “Include”, “All zones” (or “All zones from an account” and select the relevant account).
    • Note that restricting access to the single target zone does not work, as we can not get the zone’s id by its domain name then. You might be able to exclude other zones specifically. If this is a showstopper for you please open an issue to discuss how to proceed.
  6. Finish creating the token, store it in a safe place or, better, paste it directly into simple-acme.

The plugin need to be unpacked into the folder where you also unpacked wacs.exe to able to use it. Depending on how you downloaded the file, you may have to unblock all new .dll files before your computer will trust them. You can do that from the Windows File Explorer by using the right mouse button and then checking the `Unblock` box on the General tab.

If you are using simple-acme as a dotnet tool, the folder will be %userprofile%\.dotnet\tools\.store\simple-acme\2.3.2.1981\simple-acme\2.3.2.1981\tools\net9.0\any

To verify that the plugin is properly installed you can start the main executable with ‑‑verbose and it will print information about found and loaded plugins at start up. When the plugin is loaded, it manifests itself as extra menu choices and command line parameters being made availalbe.

This plugin requires to you use the pluggable release of the main executable. It will not work on the smaller trimmed releases.

Command line

--validation cloudflare Activates the plugin
‑‑cloudflareapitoken API Token for Cloudflare.

You may pass the secret in plain text, but can also use a reference to the secret vault like "vault://json/mysecret".

Examples

Typical --validation cloudflare ‑‑cloudflareapitoken *****

JSON

ID 73af2c2e-4cf1-4198-a4c8-1129003cfb75

Looking for win-acme?

simple-acme is a backwards compatible, drop-in replacement built by the same person. Project history.