Hi @mayu,
The error message from the certificate authority should probably indicate more about the reason, although the most general case is "policy forbids issuing for name", in which case you can't really get any more information directly through the ACME protocol.
Some possibilities include
- your name is in a top-level domain that Let's Encrypt doesn't know about yet (because it's so new)
- you accidentally requested a certificate for a name that's not in a top-level domain
- your domain name or the organization that owns it is on one of the U.S. Treasury's sanctions lists
- your domain name is very similar to the name of certain financial institutions and similar sites, possibly in another country
- your domain name is actually a subdomain of a major company's site (because you work for one of those companies)
- your domain name is actually a subdomain of a major company's site (because you're using the hosting product of one of those companies, and didn't get your own separate domain name)
If you're confident that the name is blacklisted in error, you can contact security@letsencrypt.org and describe your situation. Note that this won't help in the 2nd, 3rd, and 6th cases I mentioned above.