Dns01 not working - SOLVED

[koby]

Hello All ,
I am trying to get letsencrypet ssl via CloudFlare remote cname dns.
The zone with api avaiI is "acme.co.il"
(This setup is working on my pfsense with out any issue)

Here is my /etc/pmg/node.conf :

acme: account=stage
acmedomain0: smg-lab01.mksoft.co.il,plugin=CloudFlare,usage=api;smtp,alias=smg-lab01.auth.acme.co.il

Here is my dig :

dig _acme-challenge.smg-lab01.mksoft.co.il cname

; <<>> DiG 9.20.22 <<>> _acme-challenge.smg-lab01.mksoft.co.il cname
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13929
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1432
;; QUESTION SECTION:
;_acme-challenge.smg-lab01.mksoft.co.il.    IN CNAME

;; ANSWER SECTION:
_acme-challenge.smg-lab01.mksoft.co.il.    291 IN CNAME _acme-challenge.smg-lab01.auth.acme.co.il.

;; Query time: 0 msec
;; SERVER: 192.168.50.254#53(192.168.50.254) (UDP)
;; WHEN: Wed Apr 29 18:25:27 IDT 2026
;; MSG SIZE  rcvd: 117

Here is my error :

Loading ACME account details
Placing ACME order
Order URL: https://acme-staging-v02.api.letsencrypt.org/acme/order/287600444/36835341454
Getting authorization details from 'https://acme-staging-v02.api.letsencrypt.org/acme/authz/287600444/889012334'
The validation for smg-lab01.mksoft.co.il is pending!
[Wed Apr 29 18:15:21 IDT 2026] invalid domain
[Wed Apr 29 18:15:21 IDT 2026] Error add txt for domain:_acme-challenge.smg-lab01.auth.acme.co.il
TASK ERROR: command 'setpriv --reuid nobody --regid nogroup --clear-groups --reset-env -- /bin/bash /usr/share/proxmox-acme/proxmox-acme setup cf smg-lab01.auth.acme.co.il' failed: exit code 1

My Pmg Ver : 9.0.7

Please advice
Best Regards ,
Koby Peleg Hen

Please note that the sulotion is that CloudFlare check your IPv6 if you had one and NOT test the IPv4 if the previous is rejected.....

 

[koby]

Can anyone advice how to debug that please