apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-dns01-cloudflare
spec:
  acme:
    # Let's Encrypt production endpoint
    server: https://acme-v02.api.letsencrypt.org/directory
    email: conanscott@gmail.com
    privateKeySecretRef:
      # cert-manager will create and store the account key here
      name: letsencrypt-cloudflare-account-key
    solvers:
      - dns01:
          cloudflare:
            # This references a secret with your Cloudflare API token
            apiTokenSecretRef:
              name: cloudflare-api-token-secret
              key: api-token