Netlify cannot provision an SSL/TLS certificate even though everything is properly configured

hi! i’m trying to provision an ssl/tls certificate for my custom domain but it keeps failing. why is this?
the error message:

my custom domain is sctech.localplayer.dev
my sitename is sctech.netlify.app
my dns provider is cloudflare

here is a list of my records:

sctech.localplayer.dev:

A: 75.2.60.5
TXT: google-site-verification=SV5ezAZ5vc8Hyik9weJnPK5QBPs2H2SnR92XieKvOaQ
TXT: openpgp4fpr:57BE156FEB39FB9905BA1299169CABCFA8FDD1CF
TXT: v=spf1 include:spf.improvmx.com ~all
MX: mx1.improvmx.com
MX: mx2.improvmx.com

www.sctech.localplayer.dev:

CNAME: sctech.netlify.app

and yes i tried ask netlify

thanks!
-sctech

Hi Sctech! I appreciate the details you left here with your question, that helped me troubleshoot this right away!

I tried to resync your site with our DNS instance in NS1, I tried to manually provision a cert… then I looked up the reason for the error we are seeing:

error_reason => "SniCertificate::CertificateNonvalidError: Unable to verify challenge for www.sctech.localplayer.dev: 2600:1f18:16e:df00::65: Invalid response from http://www.sctech.localplayer.dev/.well-known/acme-challenge/YLJakH6a6axAh2YQEVFDJf3KgrWIv8ziSbgG0BV68Ek: 404"

So unfortunately it looks like when Let’s Encrypt, our SSL provider, is performing the DNS lookup method for your cert, the challenge is unable to be completed. You might need to reach out to Cloudflare to see what’s going on, we have seen in the past some of their A records have interfered with this.

Let me know if you have any other questions. Thanks!
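
An added example, not part of either post and not Netlify's or Let's Encrypt's code: a parser for the error_reason string quoted in the reply above. The /.well-known/acme-challenge/ path is the ACME HTTP-01 challenge location (RFC 8555), and the address in the message is the IP the validator reached; the regex shape and the check labels are assumptions made for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Error text copied from the support reply above.
ERROR_REASON = (
    "SniCertificate::CertificateNonvalidError: Unable to verify challenge for "
    "www.sctech.localplayer.dev: 2600:1f18:16e:df00::65: Invalid response from "
    "http://www.sctech.localplayer.dev/.well-known/acme-challenge/"
    "YLJakH6a6axAh2YQEVFDJf3KgrWIv8ziSbgG0BV68Ek: 404"
)
# Shape assumed from that single message: name, validated address, URL, status.
PATTERN = re.compile(
    r"Unable to verify challenge for (?P<name>[^:\s]+): (?P<addr>[0-9A-Fa-f:.]+): "
    r"Invalid response from (?P<url>\S+?): (?P<status>\d{3})\s*$"
)
HTTP01_PREFIX = "/.well-known/acme-challenge/"  # RFC 8555, section 8.3


def parse_challenge_error(text):
    """Split the error into the fields needed for triage."""
    m = PATTERN.search(text)
    if m is None:
        raise ValueError("not a challenge error in the expected shape")
    url = urlsplit(m["url"])
    addr = ipaddress.ip_address(m["addr"])  # raises ValueError if malformed
    is_http01 = url.scheme == "http" and url.path.startswith(HTTP01_PREFIX)
    return {
        "name": m["name"],
        "address": str(addr),
        "ip_version": addr.version,
        "challenge": "http-01" if is_http01 else "unknown",
        "token": url.path[len(HTTP01_PREFIX):] if is_http01 else None,
        "http_status": int(m["status"]),
    }


def triage(info):
    """Map the parsed fields to the checks they point at (labels are hypothetical)."""
    checks = []
    if info["challenge"] == "http-01":
        checks.append("token-must-be-served-over-plain-http-port-80")
    if info["ip_version"] == 6:
        checks.append("confirm-IPv6-address-serves-this-site")  # validator used IPv6
    if info["http_status"] == 404:
        checks.append("host-answered-but-did-not-have-token")
    return checks


if __name__ == "__main__":
    parsed = parse_challenge_error(ERROR_REASON)
    print(parsed)
    print(triage(parsed))
```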