Note: This only applies if/when using Cloudflare's nameservers with DirectAdmin. If you are using our default nameservers for your domain, this issue should not occur.
When you create a wildcard SSL certificate in your control panel, Let's Encrypt creates a TXT record in the local DNS zone for Let's Encrypt to remotely verify. Since your DNS is with Cloudflare and is not on the local server, the TXT record does not get created in Cloudlfare and the verification fails and therefore Let's Encrypt does not issue the SSL certificate.
When using Cloudflare's nameservers, you will need to do an additional step in order to create SSL certificates in DirectAdmin:
1. After clicking "Wildcard", you will see the field "DNS Provider".
2. By default Let's Encrypt uses the local DNS server "Local". You need to find and choose "Cloudflare".
3. Then you can enter your Cloudflare API key and the server will
automatically create the necessary TXT record in Cloudflare's DNS for
you and will continue to do so automatically each time your SSL
certificate renews.