abuse system and fraud

Hello the website is abusing the system breaching TOS


I personally believe the mentioned website didn’t breach Let’s Encrypt’s system, because the requirements for getting a Let’s Encrypt certificate is just confirm domain ownership.

If you believe that website spreads mailware or other harmful information, you should report this directly to Google Safe Browsing and the domain’s registry, since even Let’s Encrypt stop issue certificate (if possible) to this site, there are still other CAs issuing certificate.

The above lines are my personal thought, and have no relation to Let’s Encrypt or ISRG.

Thank you


What part of the TOS do you believe was breached? Keep in mind, let’s encrypt issues domain validated certificates which only confirm you are connected to the domain listed in the address bar. They make no assurances about the contents of the site.

1 Like

Disability discrimination

The proper place to take further action would be with your countries judicial system or their web hosting provider.

It really hard for me to resolve it, it kept happening for 7 months or so

Let’s encrypt does not police the contents of web sites and does not revoke certificates unless there is a technical problem, a request by the website operator or a legal obligation (such as the U.S. SDN list).

1 Like

:cry: I can’t do this by myself :cold_sweat:

…and what part of Let’s Encrypt’s terms of service do you believe “disability discrimination” (however you define that term) violates? Because I don’t see it in there.

That doesn’t make it Let’s Encrypt’s problem.

As you’ve been told a few times already in this thread, the only thing the cert verifies is that the system that requested it actually had control over the domain. It doesn’t verify that the site is in fact where you want to go. It doesn’t verify that the site does what you need it to do. It doesn’t verify that the operators of that site are honest, trustworthy, caring, reliable, or indeed anything other than genuine, bona fide Nazis. If Let’s Encrypt issued a cert for to, they did their job properly–what content then serves with that cert is really an unrelated issue.

If a website doesn’t meet your needs, your most effective recourse is to not use that website and find (or create) one that does. If you believe they’re operating in a way that’s illegal under your country’s laws, they give you additional recourse, and you can pursue that. But Let’s Encrypt isn’t the entity to police your interaction with this or any other site.


There is no action taken so I going to forward this to the policd

So you let this thread die for two weeks, and haven’t bothered to explain why you think this should be Let’s Encrypt’s problem, much less why you think any police agency anywhere in the world would be interested.

This thread has run its course and the tone of the discussion is in decline. I’m going to lock it as solved. Please refer to for more information about Let’s Encrypt’s position on phishing/fraudulent domains. Thanks,