realdomain.com {
tls {
dns cloudflare {env.CLOUDFLARE_TOKEN}
dns_challenge_override_domain cloudflaredomain.com
}
}
And you need to make sure you set up the CNAME from your _acme-challenge.realdomain.com to cloudflaredomain.com.
Btw, challenge delegation is mentioned in Challenge Types - Let's Encrypt
It’s relatively new, it was merged in March.
But yeah you’re right it could be documented better. I think the best place would be in the How to use DNS provider modules in Caddy 2 wiki I think, which is open for anyone to edit, if you’d like to write it out once you’ve played around with this 