Can't create certificate for li541-247.members.linode.com

I have site
li541-247.members.linode.com
and I can`t create certificvate for he
I was get:

Obtaining a new certificate
An unexpected error occurred:
Error creating new authz :: Policy forbids issuing for name
Please see the logfiles in /var/log/letsencrypt for more details.

IMPORTANT NOTES:

  • Your account credentials have been saved in your Certbot
    configuration directory at /etc/letsencrypt. You should make a
    secure backup of this folder now. This configuration directory will
    also contain certificates and private keys obtained by Certbot so
    making regular backups of this folder is ideal.

Please help me. Thanks

I believe that one is intentionally blocked...

2 Likes

Good!
Otherwise, it all too easily allows for domain impersonation.
I don’t know why ISPs continue to use fully functional rDNS names on every IP they own.
That’s a problem for stopping SPAM and Phishing, etc.

1 Like

Hi @AndriySoftSprint,

Apologies for the error you’re experiencing.

As @jmorahan points out (thanks!) with a link to a previous thread with the same problem this policy decision is intentional. You can’t issue for *.members.linode.com domains. You will have to acquire a domain name of your own to use for Let’s Encrypt.

Once you obtain a domain from a commercial registrar, it may be a good idea to change over your rDNS to your new domain name, especially if you plan on sending and receiving e-mail through your server.
Before doing so, make sure both the A and AAAA records point to your server (Linode supports both IPv4 and IPv6 so you might as well use both).
To do so, first click the name of your server in the legacy manager.linode.com control panel.
Next, click the “Remote Access” tab.
On the page that appears, under “Public IPs”, look for “Reverse DNS” and click it.
Enter your fully qualified domain name i.e. www.example.com or mail.example.com (without http or https) and click Look up. When it finds a match it will prompt to change the rDNS records for your IPv4 and IPv6 addresses to the domain name.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.