English (US) 日本語
Submit a request

Technical question Licensing question
Sign in

Unable to install Prestashop with Spanish language on Plesk server: Non-zero exit status returned by script
WordPress Toolkit 5.11.0 shows blank page in Safari
Throbber (refresh) icon keeps spinning in the Log File Analyzer of SEO Toolkit in Plesk
Plesk DigitalOcean DNS extension is creating records with the duplicated domain name
Scan fails in WordPress Toolkit: Failed to reset cache for the instance #34: Error: This does not seem to be a WordPress installation.
Acronis backup in Plesk can not be enabled: after enabling backups functionality it is set back to OFF automatically: Empty ItemProtectionData
Plesk monitoring extension shows empty graphs: origin not allowed
Cannot issue a Let's Encrypt certificate: The Let's Encrypt extension is no longer available. To issue SSL/TLS certificates, install the SSL It! extension
Plesk WordPress Toolkit 5.9.2 and above does not detect instances that were detached
Broken WordPress installation after migration to Plesk via Site Import: it does not seem that this WordPress website is working

See more

Cannot issue Let's Encrypt certificate in Plesk: Error creating new authz :: Policy forbids issuing for name

Leonid Gukhman

Updated March 25, 2022 05:32

Plesk for Windows Plesk for Linux DoNotDelete:docref kb: technical ext: le ABT: Group B

Applicable to:

Plesk for Linux
Plesk for Windows

Symptoms

The following error is shown while trying to obtain a certificate for domain:

PLESK_ERROR: Failed to secure panel: Invalid response from https://acme-v01.api.letsencrypt.org/acme/new-authz:
Error creating new authz :: Policy forbids issuing for name.

PLESK_ERROR: Error: Could not issue a Let's Encrypt SSL/TLS certificate for exactblacklist.letsencrypt.org
Perhaps this domain is at risk group and is blacklisted on the Let's Encrypt side.
Invalid response from http://example.com/acme/newauthz.
Details:
Type: urn:acme:error:rejectedIdentifier
Status: 400
Detail: Error creating new authz :: Policy forbids issuing for name
The same error can occur in an attempt to secure Plesk.

Cause

A domain name or hostname is blacklisted.

Let's Encrypt policy does not allow issuing a certificate for such domain name or hostname.

Resolution

For domain

If the domain name is blacklisted, e.g. *.cloudapp.net or *.amazonaws.com, then Let's Encrypt fails to issue a certificate.

Change the domain name to another one:

Log in to Plesk.
Go to Domains > Hosting Settings.
Change the Domain name to another one and press the OK button to apply changes.

For Plesk

During the securing Plesk using steps from this article:

How to secure Plesk login page URL with SSL certificate?

Plesk is tried to be secured by using server hostname by default.

If the hostname is blacklisted, e.g. *.cloudapp.net or *.amazonaws.com, then Let's Encrypt fails to issue a certificate.

Specify another domain name that will be used for accessing Plesk

Comments

4 comments

Jordan Dayton August 26, 2020 16:26

Is there any way to find out WHY a domain is blacklisted?

0

Comment actions Permalink
Ivan Postnikov September 01, 2020 11:00

Hello Jordan Dayton

To clarify this I can suggest contacting Let's Encrypt.

0

Comment actions Permalink
Hüppe Keith September 23, 2020 07:57

I get this error on Amazon light sail and I have to manually update my ssl every month. I'm pretty sure other users are in the same boat as me.

This is a straight up LIE. My website is down and plesk knows it. I've been trying to find a workaround for this issue but the only thing I can think of is moving out of amazon lightsail.

0

Comment actions Permalink
Ivan Postnikov September 24, 2020 14:11

Hello @Hüppe Keith

As I understand, you get the same error as in this article but you're able to issue a certificate manually. This issue it to be investigated. Amazon Lightsail instances are supported directly by Plesk. Please, submit a support request.

0

Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request