Unexpected DNS records
You find several unexpected DNS records after adding your domain to Cloudflare.
A wildcard (*) record at your previous authoritative DNS provider may have been imported into Cloudflare in a way that creates additional records.
To solve this issue, you can do one of the following:
-
Remove and re-add your domain:
- Remove your domain from Cloudflare.
- Delete the wildcard record from your authoritative DNS.
- Re-add the domain.
You might notice TXT records like _acme-challenge.<hostname> are returned by your domain but cannot be found on the Cloudflare dashboard.
These records are automatically created to allow Cloudflare edge certificates (universal, advanced, and backup) to be provisioned. _acme-challenge records are required by certificate authorities (CAs) so that they can verify your domain ownership before issuing the SSL/TLS certificate. For details, refer to Domain control validation (DCV).
As these records are tied to the certificates, they cannot be deleted via the Cloudflare dashboard.
If you need more _acme-challenge.<hostname> TXT records in order to provision certificates on your side, you can manually add them under DNS records ↗.
If you want to remove these records:
- Disable Universal SSL to remove the records related to universal and backup certificates.
- Delete advanced certificates to remove the records related to advanced certificates.
You notice DNS queries returning incorrect results even after you waited for the TTL to expire.
Third-party tools can sometimes fail to return correct DNS results if a recursive DNS cache fails to refresh.
In this circumstance, purge your public DNS cache via these methods: