Cannot issue for domain


My domain is:

I ran this command:

sudo certbot certonly --webroot , then write my domain

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1):
Please enter in your domain name(s) (comma and/or space separated) (Enter ‘c’
to cancel):
Obtaining a new certificate
An unexpected error occurred:
Error creating new order :: Cannot issue for “”: Policy forbids issuing for name
Please see the logfiles in /var/log/letsencrypt for more details.

My web server is (include version):

nginx:1.17.3 in docker container

The operating system my web server runs on is (include version):

ubuntu 16

I can login to a root shell on my machine (yes or no, or I don’t know):


The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

certbot 0.31.0

Whats the problem? Thanks for answers.

1 Like


Since AWS IP domain is ephemeral, you can't issue certificates to this domain (at least not from Let's Encrypt)

Please see the below thread for a explaination from Let's Encrypt staff member.

You should always use your own domain (some TLD is free) instead of subdomains provided by your hosting/service provider.



This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.