WordPress Toolkit: Website not working after automatic update to WordPress 5.2
"apt update" is not working on Plesk server with Ubuntu or Debian after installing PageSpeed Apache module using Google PageSpeed Insights extension: The repository 'http://dl.google.com/linux/mod-pagespeed/deb stable Release' is not signed
The Plesk administrator receives the notifications: The Samba 'panic action' script, /usr/share/samba/panic-action was called for PID XX (/usr/sbin/smbd)
Email notification is sent every day: The IP 203.0.113.2 was already used for trialing
Support SSH Access extension cannot be opened in any localization except English or Russian
Unable to activate domain in Plesk DigitalOcean DNS extension SOA records are not eligible for deletion
Unable to view WordPress instance updates: this.props.instance.updateTasks.map is not a function
Unable to clone Wordpress website
Advisor determines SSL certificate from authority as self-signed/not trusted
wp-toolkit fails to install plugin set: Could not install the set on the WordPress instance

See more

Unable to obtain a Let's Encrypt certificate: Error creating new authz :: Policy forbids issuing for name

Nikita Nikushkin

Updated November 21, 2018 22:00

Applicable to:

Plesk for Linux
Plesk for Windows

Symptoms

The following error is shown while trying to obtain a certificate for domain:

PLESK_ERROR: Failed to secure panel: Invalid response from https://acme-v01.api.letsencrypt.org/acme/new-authz:
Error creating new authz :: Policy forbids issuing for name.

OR

PLESK_ERROR: Error: Could not issue a Let's Encrypt SSL/TLS certificate for exactblacklist.letsencrypt.org
Perhaps this domain is at risk group and is blacklisted on the Let's Encrypt side.
Invalid response from http://example.com/acme/newauthz.
Details:
Type: urn:acme:error:rejectedIdentifier
Status: 400
Detail: Error creating new authz :: Policy forbids issuing for name
The same error can occur in an attempt to secure Plesk.

Cause

A domain name or hostname is blacklisted.

Let's Encrypt policy does not allow to issue a certificate for such domain name or hostname.

Resolution

For domain

If the domain name is blacklisted, e.g. *.cloudapp.net or *.amazonaws.com, then Let's Encrypt fails to issue a certificate.

Change the domain name to another one:

Log into Plesk.
Go to Plesk > Domains > Hosting Settings.
Change the Domain name to another one and press the OK button to apply changes.

For Plesk

During the securing Plesk using steps from this article:

How to secure Plesk login page URL with SSL certificate?

Plesk is tried to be secured by using server hostname by default.

If the hostname is blacklisted, e.g. *.cloudapp.net or *.amazonaws.com, then Let's Encrypt fails to issue a certificate.

Specify another domain name that will be used for accessing Plesk.

Additional information

Policy forbids issuing for name on Amazon EC2 domain.
Error creating new authz :: Policy forbids issuing for name - Azure
Azure support (cloudapp.net)
Contact Let's Encrypt community if it is required to receive additional information.

Comments

0 comments

Please sign in to leave a comment.

Have more questions? Submit a request