My domain, located at https://groovydeng.is-an.app/, uses Cloudflare proxy. However, Cloudflare DNS routes straight to the proxy IP instead of the VPS IP, causing a certificate error in Let's Encrypt. Do you have any suggestions for fixing this issue? I do not have API token access to Cloudflare, is setting proxy: false an easy solution?

Feel free to use a self-signed cert on your server:

Or disable CF proxy (the worst way).

I successfully visited https://groovydeng.is-an.app/ by importing the cert into my trust store using the command curl -svo /dev/null https://groovydeng.is-an.app/ --connect-to ::119.23.147.240 2>&1 | egrep -v "^{.$|^}.$|^* http.*$"'.

However, I encountered an SSL handshake failure with Cloudflare (error code 525), which I believe is due to my VPS being located in China. In China, all VPS visits using domain names must be recorded by the government, which I find to be a frustrating requirement.