See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.shPlease add '--debug' or '--log' to check more details.Error add txt for domain:_acme-challenge.somedomain.cominvalid domainAdding txt value: <somestring> for domain: _acme-challenge.somedomain.comGetting webroot for domain='*.somedomain.com'Getting domain auth token for each domainSingle domain='*.somedomain.com'Using CA: https://acme-v02.api.letsencrypt.org/directory
I noticed that when creating the cloudflare api token, Acme required: Zone Resources set: Include | All zones. This appears to be the problem.To sum it up:Zone | DNS | EditZone Resources | Include | All ZonesClient IP (not using this field)TTL | set a valid date rangeThis appears to work OK.