
Kubernetes cert manager ssl error verify ACME account


I would start by debugging DNS resolution within your K8s cluster:

Spin up a container with basic network tools on board:

kubectl run -i -t busybox --image=radial/busyboxplus:curl --restart=Never

From within the busybox container, check the /etc/resolv.conf file and ensure that you can resolve the Kubernetes DNS service kube-dns:

$ cat /etc/resolv.conf
nameserver 10.96.0.10
search default.svc.cluster.local svc.cluster.local cluster.local c.org-int.internal google.internal
options ndots:5

Make a lookup request to kubernetes.default, which should return output from the DNS nameserver without any issues:

$ nslookup kubernetes.default
Server:    10.96.0.10
Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local

Name:      kubernetes.default
Address 1: 10.96.0.1 kubernetes.default.svc.cluster.local

Because you've defined upstreamNameservers in the corresponding kube-dns ConfigMap, check whether you can ping the upstream nameservers 1.1.1.1 and 8.8.8.8, which should be accessible from within a Pod.

Check the DNS pod logs for any suspicious events in each container (kubedns, dnsmasq, sidecar):

kubectl logs --namespace=kube-system $(kubectl get pods --namespace=kube-system -l k8s-app=kube-dns -o name | head -1) -c kubedns
kubectl logs --namespace=kube-system $(kubectl get pods --namespace=kube-system -l k8s-app=kube-dns -o name | head -1) -c dnsmasq
kubectl logs --namespace=kube-system $(kubectl get pods --namespace=kube-system -l k8s-app=kube-dns -o name | head -1) -c sidecar

If all the preceding steps check out, then DNS discovery is working properly, so you can also inspect the Cloudflare DNS firewall configuration to rule out potential restrictions. You can find more information about troubleshooting DNS issues in the official K8s documentation.
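
The resolv.conf shown in the steps above (search list plus ndots:5) decides which names a Pod actually sends to kube-dns and on to the upstream nameservers. The following is an added example, not part of the original answer: a hypothetical helper, resolv_candidates, that lists the queries in the order a glibc-style resolver would try them. The sample file is constructed from the output above and acme.example.test is a placeholder hostname.

```shell
#!/bin/sh
# Added example (not from the original answer). Assumes glibc-style
# search-list handling; other resolver libraries may behave differently.

# Constructed sample mirroring the /etc/resolv.conf output shown above.
SAMPLE_RESOLV_CONF='nameserver 10.96.0.10
search default.svc.cluster.local svc.cluster.local cluster.local c.org-int.internal google.internal
options ndots:5'

# resolv_candidates <resolv.conf text> <name>
# Prints, one per line, the fully qualified names tried in order.
resolv_candidates() {
    conf=$1
    name=$2

    # A trailing dot marks the name as absolute: the search list is skipped.
    case $name in
        *.) printf '%s\n' "$name"; return 0 ;;
    esac

    # The last "search" line wins; ndots defaults to 1 when not set.
    search=$(printf '%s\n' "$conf" |
        awk '$1 == "search" { $1 = ""; s = $0 } END { sub(/^ +/, "", s); print s }')
    ndots=$(printf '%s\n' "$conf" |
        awk '$1 == "options" { for (i = 2; i <= NF; i++)
                 if ($i ~ /^ndots:[0-9]+$/) { sub(/^ndots:/, "", $i); n = $i } }
             END { print (n == "" ? 1 : n) }')
    dots=$(printf '%s' "$name" | tr -cd '.' | wc -c | tr -d ' ')

    # Enough dots: try the name as given first, then the search domains.
    if [ "$dots" -ge "$ndots" ]; then printf '%s.\n' "$name"; fi
    for domain in $search; do
        printf '%s.%s.\n' "$name" "$domain"
    done
    # Too few dots: the name as given is only tried after every search domain.
    if [ "$dots" -lt "$ndots" ]; then printf '%s.\n' "$name"; fi
    return 0
}

# When run with a hostname argument, evaluate it against the live file.
[ "$#" -eq 0 ] || resolv_candidates "$(cat /etc/resolv.conf)" "$1"
```

With ndots:5, an external name with fewer than five dots is first queried with each search suffix appended, so failures or delays on those extra lookups show up in the kube-dns logs before the real name is ever asked for.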