Challenge Alias for Letsencrypt

To update my letsencrypt certificates I migrated most of them from http(s)-based update to DNS-based.
The best tool for this is imho

But be careful: They changed their default to ZeroSSL.
So first set the default to letsencrypt: --set-default-ca --server letsencrypt

Now to the best feature with DNS challenge update: Update via API with one DNS provider for another DNS provider.

For example: I use the Hetzner DNS API-tokens with I can generate a new token for every domain.
But I have domains on INWX. Here I have to use username and password to use -- and this feels wrong - so I don't do this.
I added for my domain at INWX this CNAME
And now I can use the Hetzner API to update the certificate for via
The command for this: --issue --dns dns_hetzner --challenge-alias -d