Symptoms
-
The following error is shown while trying to obtain a certificate for domain:
Failed to secure panel: Invalid response from https://acme-v01.api.letsencrypt.org/acme/new-authz:
Error creating new authz :: Policy forbids issuing for name.
Error: Could not issue a Let's Encrypt SSL/TLS certificate for exactblacklist.letsencrypt.org
Perhaps this domain is at risk group and is blacklisted on the Let's Encrypt side.
Invalid response from http://example.com/acme/newauthz.
Details:
Type: urn:acme:error:rejectedIdentifier
Status: 400
Detail: Error creating new authz :: Policy forbids issuing for name -
The same error can occur in an attempt to secure Plesk.
Cause
A domain name or hostname is blacklisted.
Let's Encrypt policy does not allow issuing a certificate for such domain name or hostname.
Resolution
For domain
If the domain name is blacklisted, e.g. *.cloudapp.net or *.amazonaws.com, then Let's Encrypt fails to issue a certificate.
Change the domain name to another one:
-
Go to Domains > Hosting Settings.
-
Change the Domain name to another one and press the OK button to apply changes.
For Plesk
During the securing Plesk using steps from this article:
How to secure Plesk login page URL with SSL certificate?
Plesk is tried to be secured by using server hostname by default.
If the hostname is blacklisted, e.g. *.cloudapp.net or *.amazonaws.com, then Let's Encrypt fails to issue a certificate.
Specify another domain name that will be used for accessing Plesk
with