Database users not migrated from cPanel to Plesk
Joomla! Toolkit Health Check always shows: Down: unknown or erroneous cURL option 'CURLOPT RESOLVE' set
Cannot transfer files with Japanese locale in name using Site Import: The file was not transferred. Check that you have sufficient permissions to read the file or transfer the file manually
Let's Encrypt fails to issue a certificate with the following error: The example.com DNS zone contains an AAAA record, but the domain is not assigned an IPv6 address in Plesk.
Plesk repair utility shows the error for wildcard domain: File not found: _.example.com.conf
Cannot add WordPress plugin to set using command-line interface
Unable to change the WordPress password for dashboard via Plesk after migration
Extension Catalog does not report name of the extension whenever the installation fails
Unable to Add your site copy to Facebook in Web Presence Builder: This page isn't available
Microsoft Azure DNS extension loads slowly

See more

Unable to obtain a Let's Encrypt certificate: Error creating new authz :: Policy forbids issuing for name

Nikita Nikushkin

Updated November 21, 2018 22:00

Applicable to:

Plesk for Linux
Plesk for Windows

Symptoms

The following error is shown while trying to obtain a certificate for domain:

PLESK_ERROR: Failed to secure panel: Invalid response from https://acme-v01.api.letsencrypt.org/acme/new-authz:
Error creating new authz :: Policy forbids issuing for name.

OR

PLESK_ERROR: Error: Could not issue a Let's Encrypt SSL/TLS certificate for exactblacklist.letsencrypt.org
Perhaps this domain is at risk group and is blacklisted on the Let's Encrypt side.
Invalid response from http://example.com/acme/newauthz.
Details:
Type: urn:acme:error:rejectedIdentifier
Status: 400
Detail: Error creating new authz :: Policy forbids issuing for name
The same error can occur in an attempt to secure Plesk.

Cause

A domain name or hostname is blacklisted.

Let's Encrypt policy does not allow to issue a certificate for such domain name or hostname.

Resolution

For domain

If the domain name is blacklisted, e.g. *.cloudapp.net or *.amazonaws.com, then Let's Encrypt fails to issue a certificate.

Change the domain name to another one:

Log into Plesk.
Go to Plesk > Domains > Hosting Settings.
Change the Domain name to another one and press the OK button to apply changes.

For Plesk

During the securing Plesk using steps from this article:

How to secure Plesk login page URL with SSL certificate?

Plesk is tried to be secured by using server hostname by default.

If the hostname is blacklisted, e.g. *.cloudapp.net or *.amazonaws.com, then Let's Encrypt fails to issue a certificate.

Specify another domain name that will be used for accessing Plesk.

Additional information

Policy forbids issuing for name on Amazon EC2 domain.
Error creating new authz :: Policy forbids issuing for name - Azure
Azure support (cloudapp.net)
Contact Let's Encrypt community if it is required to receive additional information.

Comments

0 comments

Please sign in to leave a comment.

Have more questions? Submit a request