Hello,
I have problem with let’s encrypt for SSL certificate under .ye domain.
For example: if there is domain name called: hasti.ye , and I want to add the SSL to this domain
I will get error.
However, if I have such these domain names: hasti.com.ye or hasti.net.ye ; the SSL works fine.
How can I solve this problem?
Thanks in advance.
Regards
I think this might be a bug in the Public Suffix List???
I see *.ye in the list, whereas I think the entry is supposed to just be ye. So it looks like everything under .ye, like com.ye, net.ye, and your hasti.ye is considered to be a top-level ICANN TLD?
Maybe .ye recently opened up second-level registrations and used to only have third-level available? That's a wild guess, though.
Thank you so much for your help.
May you advice me who should I contact to solve such this problem?
Regards,
Hello @fatimahussein,
Seems the only ones who can solve this are TeleYemen. Two persons already raised two PRs to include ye ccTLD (Country Code Top Level Domain) in the public suffix list but there was no luck getting a response from TeleYemen to authorize the inclusion, maybe you would have more luck.
Take a look to these PRs trying to add ye ccTLD to PSL:
Update ye suffixes by carterv · Pull Request #845 · publicsuffix/list · GitHub
Remove outdated asterisk for Yemeni suffix by bsolomon1124 · Pull Request #897 · publicsuffix/list · GitHub
Cheers,
sahsanu
Thank you so much, I will contact them. 
that's expected. The Public Suffix List has
// ye : http://www.y.net.ye/services/domain_name.htm
*.ye
But there is no exclusion with your domain name. See
// ck : .ck - Wikipedia
*.ck
!www.ck
See that domain http://www.ck/ - looks very, very old.
The ! means: Normally, www.ck would be a top level domain (and not a domain, so you can't create a certificate). But ! excludes www.ck, so this domain name is a domain, not a top level domain.
Perhaps it's possible to create such an entry
!hasti.ye
Because of that missing definition, Letsencrypt can't create a certificate. Only something like www.hasti.ye would be possible (but that's not what you want).
Thanks a lot for your explanation. 
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
