Using Certify the web for lets encrypt certificates
Go to cloudflare and login
click profile icon
select my profile
go to api tokens tab
create new custom token
Give token a name
give the following permissions
Zone Zone Edit
Zone DNS Edit
Zone Resources
Include all zones
IP Address filtering
noneĀ (unless you wanted to restrict access, I have not as my IP is dynamic)
TTL
Blank
Continue to summary
Create token
Copy API Token
Install Certify the web application
https://certifytheweb.com/home/
For authentication we will use DNS verification via Cloudflare API
On Certify the web go to Settings
stored credentials
add new stored credentials
Select Cloudflare DNS API
Set credentials name to easily identify
fill in the api token in the api token field
click save
on manage certificates page
new certificate
click okay on prompt about registering a new contact
select certificate authority of lets encrypt
enter email address,( notify you of upcoming renewals if required, invalid email addresses will be rejected by certificate authority
Agree to the terms
click register contact
On new certificate window
leave slecte site as no IIS side selected
add the required domain name and click +
Go to authorization tab
change challenge type to dns-01
DNS update method - cloudflare...