Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
Plesk > Tools & Settings > SSL/TLS Certificates > +LetsEncrypt > I clicked the ‘Install’ button
It produced this output:
Error: Could not issue a Let’s Encrypt SSL/TLS certificate for ec2-18-203-188-57.eu-west-1.compute.amazonaws.com .
My web server is (include version):
Product: [Plesk Obsidian 18.0.26]
last updated at May 6, 2020 11:18 PM
The operating system my web server runs on is (include version):
OS: Ubuntu 16.04.6 LTS
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
Plesk Obsidian 18.0.27
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you’re using Certbot):
My LetsEncrypt Plugin Version is: 2.10.0-621
Not sure about the Certbot
ubuntu@ec2-18-203-188-57:~ certbot --version certbot: command not found ubuntu@ec2-18-203-188-57:~ certbot-auto --version
certbot-auto: command not found
I’m trying to secure the login to my AWS Lightsail Plesk Server with an SSL certificate.
When I goto to my server I’m greeted by the Chrome certificate error screen.
Upon logging in Security Advisor tells me to secure my server with an SSL certificate.
But when I try to install the LetsEncrypt certificate on my AWS Lightsail Server.
I get an error message to say my domain is probably blacklisted.
I opened a Forum Thread on the Plesk Community Forum here:
Their advice was to follow the instructions here:
Which I did!
But Step 5 says:
Note: The hostname/domain name must be resolved to a public IP address of the Plesk server from the Internet.
On trying this step, MxToolBox finds a different IP address for the name of my server (18.203.xxx.xx) than for the IP Address (34.246.xxx.xxx ) that has been assigned to my server by AWS and what I used to log in under. (I hope that makes sense)
Issuing the certificate fails:
**Error:** Could not issue a Let's Encrypt SSL/TLS certificate for **ec2-18-203-188-57.eu-west-1.compute.amazonaws.com** . Perhaps this domain is at risk group and is blacklisted on the Let's Encrypt side. [See the related Knowledge Base article for details.](https://support.plesk.com/hc/en-us/articles/115002506633) Details Invalid response from https://acme-v02.api.letsencrypt.org/acme/new-order. Details: Type: urn:ietf:params:acme:error:rejectedIdentifier Status: 400 Detail: Error creating new order :: Cannot issue for "ec2-18-203-188-57.eu-west-1.compute.amazonaws.com": The ACME server refuses to issue a certificate for this domain name, because it is forbidden by policy
Any help is appreciated.
Thanks in advance.