To convert your domain's DNS provider from Amazon Web Services Route 53 to Cloudflare and use Let's Encrypt's DNS challenge with the acme.sh client, you will need to perform the following steps:
Install acme.sh on your system by running the following command:
    curl https://get.acme.sh | sh
Obtain your Cloudflare API key and email address by logging in to your Cloudflare account and going to the "My Profile" > "API Tokens" page.
Export the Cloudflare API key and email as environment variables:
    export CF_Key="<API key>"
    export CF_Email="<email>"
Use acme.sh to request a certificate for your domain, using the DNS challenge:
    acme.sh --issue --dns dns_cf -d <domain>
Replace <domain> with your domain name.
    acme.sh --install-cert -d <domain> \
        --key-file /path/to/key/file \
        --fullchain-file /path/to/fullchain/file \
        --reloadcmd "systemctl reload nginx"
Replace /path/to/key/file and /path/to/fullchain/file with the paths to the key and fullchain files generated by acme.sh, and systemctl reload nginx with the appropriate command to reload your web server.
https:// instead of http://.
Note that the TLS/SSL certificate issued by Let's Encrypt is only valid for 90 days. You will need to renew the certificate before it expires. To do this,
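For the credential export step above, one way to keep the Cloudflare API key out of the interactive shell history is to load CF_Key and CF_Email from a private file. This is an added example, not code from the original page or from acme.sh; the function names and the NAME=value file format are assumptions.

```sh
#!/bin/sh
# Added example, not from the original page. load_cf_credentials,
# cred_file_is_private and the NAME=value file format are hypothetical.

# True only for a regular, non-symlink file owned by the current user
# with no group/other permission bits (for example mode 600 or 400).
cred_file_is_private() {
    [ -f "$1" ] && [ ! -L "$1" ] || return 1
    perms=$(ls -ldn "$1" | cut -c5-10)        # group + other permission bits
    owner=$(ls -ldn "$1" | awk '{print $3}')  # numeric uid of the owner
    [ "$perms" = "------" ] && [ "$owner" = "$(id -u)" ]
}

# Read CF_Key and CF_Email from the file and export them for the dns_cf hook.
# The file is parsed, not sourced, so its contents are never executed.
load_cf_credentials() {
    file=$1
    if ! cred_file_is_private "$file"; then
        echo "refusing $file: need a regular file you own with mode 600" >&2
        return 1
    fi
    unset CF_Key CF_Email
    # "|| [ -n "$name" ]" keeps a final line that lacks a trailing newline.
    while IFS='=' read -r name value || [ -n "$name" ]; do
        case $name in
            CF_Key)   CF_Key=$value ;;
            CF_Email) CF_Email=$value ;;
        esac
    done < "$file"
    if [ -z "${CF_Key:-}" ] || [ -z "${CF_Email:-}" ]; then
        echo "$file must define both CF_Key and CF_Email" >&2
        return 1
    fi
    export CF_Key CF_Email
}

# Usage (the path is a placeholder):
#   load_cf_credentials "$HOME/.secrets/cloudflare.env" &&
#       acme.sh --issue --dns dns_cf -d <domain>
```

acme.sh saves the credentials it used to ~/.acme.sh/account.conf so it can renew later, so that file needs the same restrictive permissions.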