I am having trouble issuing a Let's Encrypt SSL certificate for my domain.
When I try to enable SSL via HestiaCP, the process ends with an HTTP 404 error.
For context:
This is a domain that I recently purchased at auction.
It previously belonged to a Russian company, but I have no connection to the previous owner.
The DNS records (A, CNAME, TXT) are configured correctly, and the domain resolves to my server.
My question:
Could the fact that this domain previously belonged to a Russian company be the reason why Let's Encrypt refuses to issue a certificate?
I think so, but how can I fix this? Because when I buy any other certificate, such as a European one, I am told that sanctions have been imposed on Russia and we cannot issue a certificate.
That's not a 404 (Not Found) error in your screenshot. It's a 400 (Bad Request) error. You are correct about the SDN (United States' OFAC Specially Designated Nationals and Blocked Persons) list being the cause.
<sdnEntry>
<uid>18287</uid>
<lastName>VEB ENGINEERING LLC</lastName>
<sdnType>Entity</sdnType>
<remarks>For more information on directives, please visit the following link: http://www.treasury.gov/resource-center/sanctions/Programs/Pages/ukraine.aspx#directives.; (Linked To: STATE CORPORATION BANK FOR DEVELOPMENT AND FOREIGN ECONOMIC AFFAIRS VNESHECONOMBANK)</remarks>
<programList>
<program>UKRAINE-EO13662</program>
<program>RUSSIA-EO14024</program>
</programList>
<idList>
<id>
<uid>24701</uid>
<idType>Registration Number</idType>
<idNumber>1107746181674</idNumber>
<idCountry>Russia</idCountry>
</id>
<id>
<uid>24702</uid>
<idType>Tax ID No.</idType>
<idNumber>7708715560</idNumber>
<idCountry>Russia</idCountry>
</id>
<id>
<uid>146610</uid>
<idType>Organization Established Date</idType>
<idNumber>11 Mar 2010</idNumber>
</id>
<id>
<uid>151167</uid>
<idType>Secondary sanctions risk:</idType>
<idNumber>Ukraine-/Russia-Related Sanctions Regulations, 31 CFR 589.201 and/or 589.209</idNumber>
</id>
<id>
<uid>173871</uid>
<idType>Secondary sanctions risk:</idType>
<idNumber>See Section 11 of Executive Order 14024.</idNumber>
</id>
<id>
<uid>117544</uid>
<idType>Website</idType>
<idNumber>vebeng.ru</idNumber>
</id>
<id>
<uid>117561</uid>
<idType>Executive Order 13662 Directive Determination -</idType>
<idNumber>Subject to Directive 1</idNumber>
</id>
</idList>
<akaList>
<aka>
<uid>28285</uid>
<type>a.k.a.</type>
<category>strong</category>
<lastName>OOO VEB INZHINIRING</lastName>
</aka>
<aka>
<uid>28286</uid>
<type>a.k.a.</type>
<category>strong</category>
<lastName>OBSHCHESTVO S OGRANICHENNOI OTVETSTVENNOSTYU VEB INZHINIRING</lastName>
</aka>
<aka>
<uid>55043</uid>
<type>a.k.a.</type>
<category>strong</category>
<lastName>VEB ENGINEERING LIMITED LIABILITY COMPANY</lastName>
</aka>
<aka>
<uid>55044</uid>
<type>a.k.a.</type>
<category>strong</category>
<lastName>OOO VEB ENGINEERING</lastName>
</aka>
</akaList>
<addressList>
<address>
<uid>27670</uid>
<address1>d. 9 prospekt Akademika Sakharova</address1>
<city>Moscow</city>
<postalCode>107996</postalCode>
<country>Russia</country>
</address>
<address>
<uid>52533</uid>
<address1>Per. Lyalin D. 19, Korpus 1, Pom. XXIV, Kom 11</address1>
<city>Moscow</city>
<postalCode>101000</postalCode>
<country>Russia</country>
</address>
</addressList>
</sdnEntry>
I believe that you would need to get that name removed from the SDN list. As to how, I honestly have no idea. Maybe someone else here might have an idea.
