looking at the install instructions it doesn’t say you have to use CF cert, only the api token in the conf.env file. So if you have done that you should be ok.

I’m curious about the DNS thing from your registrar. If they are the authoritative DNS, even putting the right records in CF won’t make a difference. But maybe you can tell your registrar that CF DNS is authoritative, by creating a SOA DNS record in your registrar, pointing at CF DNS (I can only fnid references to 1.1.1.1 or adam.ns.cloudflare.com).

Looking at the deployment templates it doesn’t say that you have to use ANY certificate. I think caddy generates one (or import one from CF) at deployment. If I was you I’d start from scratch with a new OS installation WITHOUT nginx/apache. Base OS, docker/docker-compose, and run the script again (after you fixed the DNS). If you want to find who is the SOA for your domain I think the command should be dig @9.9.9.9 SOA youlemmydomain.com

That should answer with the CF DNS you configured.

Also a dig @9.9.9.9 youlemmydomain.com should answer with the A records you configured in CF.