Question: Problem with issuing SSL certificate under .ye domain


I have problem with let’s encrypt for SSL certificate under .ye domain.

For example: if there is domain name called: , and I want to add the SSL to this domain

I will get error.

However, if I have such these domain names: or ; the SSL works fine.

How can I solve this problem?

Thanks in advance.


1 Like

I think this might be a bug in the Public Suffix List???

I see *.ye in the list, whereas I think the entry is supposed to just be ye. So it looks like everything under .ye, like,, and your is considered to be a top-level ICANN TLD?

Maybe .ye recently opened up second-level registrations and used to only have third-level available? That's a wild guess, though.



Thank you so much for your help.
May you advice me who should I contact to solve such this problem?


1 Like

Hello @fatimahussein,

Seems the only ones who can solve this are TeleYemen. Two persons already raised two PRs to include ye ccTLD (Country Code Top Level Domain) in the public suffix list but there was no luck getting a response from TeleYemen to authorize the inclusion, maybe you would have more luck.

Take a look to these PRs trying to add ye ccTLD to PSL:




Thank you so much, I will contact them. :slight_smile:


Hi @fatimahussein

that's expected. The Public Suffix List has

// ye :

But there is no exclusion with your domain name. See

// ck :

See that domain - looks very, very old.

The ! means: Normally, would be a top level domain (and not a domain, so you can't create a certificate). But ! excludes, so this domain name is a domain, not a top level domain.

Perhaps it's possible to create such an entry


Because of that missing definition, Letsencrypt can't create a certificate. Only something like would be possible (but that's not what you want).



Thanks a lot for your explanation. :slight_smile:


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.