Hello!
I just tried adding custom domain to my site but the HTTPS section under ‘Domain management’ says:
DNS verification failed
rootkea.me doesn’t appear to be served by Netlify
But I have already added Netlify nameservers to my registrar 3 days ago. Is this because I had set up DNSSEC with Cloudflare? My registrar still has that entry and rootkea.me | DNSViz shows multiple errors which make my doubt stronger.
Please help.
Thanks!
Hello!
Yes, you’ll need to contact Cloudflare to find out how to disable DNSSEC. We don’t support DNSSEC when hosting your DNS with us.
But I also noticed a small issue with your DNS records. You have an alias on your www to rootkea.gitlab.io. You’ll want to remove that record before the SSL certificate can be issued.
Let us know if that helps!
Done! And just saw that SSL/TLS certificate has been provisioned by Netlify. 
Thank you!
We don’t support DNSSEC when hosting your DNS with us
Nooo! Why not? Everybody deserves secure DNS! I expect more from Netlify. Guess I need to open a feature request.
Would this be the case even for subdomains like functions.netlify.domain.com, where domain.com is on Cloudflare and has DNSSEC enabled? My knowledge of DNSSEC is rather poor, so, I am not sure whether DNSSEC is something that concerns all the domains, or just the root.
SSL is already issued. Disabling DNSSEC probably helped. 