Error when generating cert for customer: Policy forbids issuing for name


I work at ReadMe (a hosted documentation platform), and we generate SSL certificates on behalf of our customers using Let’s Encrypt One particular customer’s certificate is not generating and is returning with the following error:

 + Signing domains...
 + Generating private key...
 + Generating signing request...
 + Requesting authorization for...
 + ERROR: An error occurred while sending post-request to (Status 400)

  "type": "urn:acme:error:rejectedIdentifier",
  "detail": "Error creating new authz :: Policy forbids issuing for name",
  "status": 400

This appears to be a similar error to this one here: Policy forbids issuing for name on Amazon EC2 domain. The customer is a fairly well known company with a domain that is presumably on the blacklist. What’s the process for getting an exception for this list?


If it’s blocked due to being a high risk domain, the customer can try emailing .

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.