WildCard Certificate issue - DNS Validation in CloudFlare - returns error

Hello

I am testing Certify and I am trying to create a DigiCert certificate (using a manually input Certificate Authority). DNS is in Cloudflare.

The common name (primary domain) for the certificate is *.domain.com. I also added an additional domain, domain.com as SAN (Apex domain).

When I tried to get the certificate, it fails on the TXT record section…

  1. It first tried to create a TXT record for _acme-challenge.domain.com and was successful

  2. It tried to create the same TXT record for the SAN and then it bombed out…

[ERR] DNS update failed: Cloudflare DNS API :: Could not add dns record _acme-challenge.domain.com to zone 12314321312312. Result: BadRequest - {"result":null,"success":false,"errors":[{"code":81058,"message":"An identical record already exists."}],"messages":}

Any idea on how to get this to work?

Hi Frank,

I’d suggest downloading the v7 beta in case that helps with that scenario.

As a de facto standard most people use Let’s Encrypt, which in turn does not present the same DNS challenge for validation twice, but I suspect DigiCert does. The cleanup should have caught that, but for some reason in this case it didn’t.

We did have some recent updates in 7.x for matching existing records in Cloudflare, so give it a try; it will shortly become the release version anyway.

If you do encounter this problem again I’d start by deleting existing _acme-challenge TXT records manually, then check that the cleanup is working. I’d assume your API token has scope to delete TXT records.
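The duplicate-record situation described above (the wildcard and the apex both validating at _acme-challenge.domain.com), as an added example that is not Certify's own code: an in-memory stand-in for the Cloudflare zone API that rejects exact duplicates with the 81058 code from the log, a present step that treats an identical existing TXT record as already satisfied rather than as a failure, and a cleanup that removes only the records the run itself created.

```python
# Added example (not Certify's own code): idempotent DNS-01 TXT handling for an
# order covering both *.domain.com and domain.com. FakeZone stands in for the
# Cloudflare DNS API; 81058 is the error code quoted in the thread.
IDENTICAL_RECORD = 81058  # Cloudflare: "An identical record already exists."

class DnsApiError(Exception):
    def __init__(self, code):
        super().__init__(f"Cloudflare error {code}")
        self.code = code

class FakeZone:
    """Stand-in for a Cloudflare zone: rejects exact duplicate TXT records."""
    def __init__(self):
        self.records = []  # (name, content) tuples
    def add_txt(self, name, content):
        if (name, content) in self.records:
            raise DnsApiError(IDENTICAL_RECORD)
        self.records.append((name, content))
    def delete_txt(self, name, content):
        self.records.remove((name, content))
    def list_txt(self, name):
        return [c for n, c in self.records if n == name]

def challenge_name(identifier):
    """Wildcard and apex identifiers both validate at _acme-challenge.<apex>."""
    return "_acme-challenge." + identifier.removeprefix("*.")

def present_challenges(zone, challenges):
    """Add one TXT record per distinct (name, value) the CA issued.
    A record that already exists is treated as present, not as a failure."""
    created = []
    for identifier, value in challenges:
        name = challenge_name(identifier)
        if value in zone.list_txt(name):  # left by this order or a stale run
            continue
        try:
            zone.add_txt(name, value)
        except DnsApiError as e:
            if e.code != IDENTICAL_RECORD:
                raise  # only a benign duplicate is tolerated
            continue
        created.append((name, value))
    return created

def cleanup(zone, created):
    """Delete exactly the records this run created; leave others alone."""
    for name, value in created:
        if value in zone.list_txt(name):
            zone.delete_txt(name, value)
```

When the CA hands out different values for the wildcard and the apex, both records are kept under the same name, which DNS allows; only an exact duplicate is skipped.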

Hi

I will test version 7 RC and let you know.