Cannot issue for domain

Hello!

My domain is:

ec2-34-217-103-132.us-west-2.compute.amazonaws.com

I ran this command:

sudo certbot certonly --webroot , then write my domain

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Please enter in your domain name(s) (comma and/or space separated) (Enter ‘c’
to cancel): ec2-34-217-103-132.us-west-2.compute.amazonaws.com
Obtaining a new certificate
An unexpected error occurred:
Error creating new order :: Cannot issue for “ec2-34-217-103-132.us-west-2.compute.amazonaws.com”: Policy forbids issuing for name
Please see the logfiles in /var/log/letsencrypt for more details.

My web server is (include version):

nginx:1.17.3 in docker container

The operating system my web server runs on is (include version):

ubuntu 16

I can login to a root shell on my machine (yes or no, or I don’t know):

yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

certbot 0.31.0

Whats the problem? Thanks for answers.

1 Like

Hi,

Since AWS IP domain is ephemeral, you can't issue certificates to this domain (at least not from Let's Encrypt)

Please see the below thread for a explaination from Let's Encrypt staff member.

You should always use your own domain (some TLD is free) instead of subdomains provided by your hosting/service provider.

Thanks

4 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.