Getting "Error creating new authz :: Policy forbids issuing for name"

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
enterprise.efax.com.au

I ran this command:
https://letsdebug.net/enterprise.efax.com.au/59913

It produced this output:
Error creating new order :: Cannot issue for “enterprise.efax.com.au”: Policy forbids issuing for name

The operating system my web server runs on is (include version): Google Cloud Platform - Other certificate domains are renewing successfully.

I can login to a root shell on my machine (yes or no, or I don’t know): yes

Hi @flydave, Welcome to Let’s Encrypt Community

According to that error message, i believe that the domain name (root domain actually) is on a restricted list for Let’s Encrypt.
Checking the history of this domain, you’ll see that no certificate from Let’s Encrypt is ever issued for the whole root domain.

In this case, are you the managers from the company? If so, please get in touch with one of the Let’s Encrypt staff members and submit a request for this domain. @lestaff If not, please ask a manager from that company to contact Let’s Encrypt in order to get the certificate for this domain.

Thank you

Hi Steven,

Appreciate you fast feedback here!
What is the best way for the manager from the company to submit a request?

Kind regards,
David

Please contact one of the staff from @lestaff group (I believe they will reach back since it’s the second time i pinged them in this thread)

I believe you could also ask the managers email security@letsencrypt.org for an exception.

Thank you

Thank you. Shall do.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.