I'm using CloudFlare with FULL (Strict) option enabled. My goal is to have a valid certificate provided by Let's Encrypt in my server and let CloudFlare handle everything else.
What I understood is that Virtualmin Let's Encrypt script doesn't support DNS based validation. OK, that I get. But how autodiscover, autoconfig and mail records can get a valid SSL certificate but "admin" and "webmail" records can't?
When I enable CloudFlare proxy in "webmail" record I get 526 Error (Invalid SSL). If I disable CloudFlare proxy I can get into the page but I get a invalid certificate message in chrome (Although I can ignore this error and proceed to the redirected page).
I tried to manually supply admin.domain.tld and webmail.domain.tld in "Domain names listed here" via "Server Configuration > SSL Certificate > Let's Encrypt" but I receive a error saying the script was unable to create the "webmail.domain.tld/.well-known" file. It's weird because I don't create autodiscover, autoconfig and mail subdomains, but Let's Encrypt script can get valid ssl certificate for those dns records (although they are not properly a subdomain, pretty much what "admin" and "webmail" records are).
PS: All dns records in my virtualmin were imported to CloudFlare. So everything is the same in both directions. I've tried to disable CloudFlare proxy as well to try getting the let's encrypt certificate, but that wasn't enough.