Cloudflare / ACME Issue

I’ve disabled my firewall trying to make this work but not sure how to diagnose this further. There is no .htaccess that I’m aware about in nextcloud that would be blocking this. The logs show that the cpu/ram have been fine and nothing is overloaded as per their troubleshooting page Troubleshooting Cloudflare 5XX errors · Cloudflare Support docs

When I run the command
‘’’ Shell
lego --dns cloudflare --domains --email run

Everything runs fine. I manually added the Global API but since switched to API Token with DNS-configrules/dynamic redirect/zone settings/SSL certs/DNS-(all set to edit). Not opposed to using the global API, but just trying to diagnose the problem.

The IP that cloudflare DNS is pointing to with Type A is from the command below. All name servers are working properly.
‘’’ Shell

I’ve changed the Cloudflare “Always use HTTPS” on/off (currently off).

Thanks in advance for any help I can get.

Did you forget to mention the actual issue in your post? I at least was not able to find it besides “Everything just runs fine”.

I’m using Cloudflare DNS to get ACME certificates, too. The key has “Edit Zone DNS” permissions for the respective domain. Could probably be locked down more, but it’s for an internal domain for my homelab, so whatever. Using security.acme instead of manually calling a client and things work just smoothly. Here is the configuartion

Oh I did forget to mention the issue. It’s a 522 Connection problem. I was wondering if I’m messing it up on the security.acme.EnvironmentFile which leads to a file with no extension and something like:
lego --dns cloudflare --domains --email run
It says that 522 error is a time out and tried to traceroute but i’m not an expert at this and first time doing all this. The bash command above works if i run it in the terminal but I didn’t create it as an actual bash script but notice when I do that there is no difference?

Maybe my issue is with the Type A IP that I’m putting in? Is that how to correctly to in my public IP? curl

Here is my config.

I modified my config to be similar to yours and still throwing the same errors. Here’s what the terminal is showing me:

Feb 17 12:08:45 jimsimons[140294]: + cmp -s domainhash.txt certificates/domainhash.txt
Feb 17 12:08:45 jimsimons[140294]: + lego --accept-tos --path . -d --email --key-type ec256 --dns cloudflare --dns.resolvers -d ‘*’ run
Feb 17 12:08:46 jimsimons[140318]: 2024/02/17 12:08:46 cloudflare: some credentials information are missing: CLOUDFLARE_API_KEY or some credentials information are missing: CLOUDFLARE_DNS_API_TOKEN,CLOUDFLARE_ZONE_API_TOKEN
Feb 17 12:08:46 jimsimons[140294]: + echo Failed to fetch certificates. This may mean your DNS records are set up incorrectly.
Feb 17 12:08:46 jimsimons[140294]: Failed to fetch certificates. This may mean your DNS records are set up incorrectly.
Feb 17 12:08:46 jimsimons[140294]: + exit 10
Feb 17 12:08:46 jimsimons systemd[1]: Main process exited, code=exited, status=10/n/a
Feb 17 12:08:46 jimsimons systemd[1]: Failed with result ‘exit-code’.
Feb 17 12:08:46 jimsimons systemd[1]: Failed to start Renew ACME certificate for

What commands or logs can I check for more details? I’m still stuck. Thanks.

Bumping, still need pointers or help resolving this.