I ran this command:
Order certificate through Akamai
It produced this output:
Let’s Encrypt will not issue a certificate for the domain(s) “home.tb.ask.com,akd.search.tb.ask.com,search.ask.com,safesearch.ask.com”. Please work with Let’s Encrypt to allow these domain(s) in a certificate or remove them from the certificate request.
My web server is (include version):
Apache 2.2
The operating system my web server runs on is (include version):
CentOS 6
My hosting provider, if applicable, is:
Self-hosted + Akamai Content Delivery
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
Akamai Content Delivery
I’m guessing this is because ask.com is considered High Value. Let’s Encrypt is required to have some sort of manual “extra” process for a list of High Value domains (the rules do not specify any particular means by which they should determine a domain is “high value”) and you’re on the list. So that’s nice. Because Let’s Encrypt is fully automatic, the manual process can’t just slow down issuance as it would at several commercial CAs, instead issuance fails altogether.
Hopefully if you can explain (this might involve getting the right people to reach out to Let’s Encrypt to prove you’re really the famous ask.com requesting this) you can get them to remove ask.com from their High Value list. It seems a shame not to be “high value”, but it’s nice to get automatic certificates which makes up for it.