It produced this output:
A test authorization for ir.sina.com to the Let’s Encrypt staging service has revealed issues that may prevent any certificate for this domain being issued.
Error creating new order :: Cannot issue for “ir.sina.com”: The ACME server refuses to issue a certificate for this domain name, because it is forbidden by policy
Question
Not sure which policy is causing the issuance of the Certificate. Can you please throw some light on this?
What needs to be done to overcome this?
We block a number of particularly high-profile domains from getting certificates from Let’s Encrypt by default. In order to remove the block, we need all of the following:
An entity representative must email security@letsencrypt.org requesting the change, from an email address with the domain in question.
The domain owner must have an accredited attorney submit a letter requesting addition or removal from the blocklist. Letter must include: Attorney Name, Firm Name, Firm Phone Number and Email Address, Firm Physical Address, Name of organization being represented, a request that specific domains be added or removed from our blocklist, date of request
We are only able to entirely remove blocked domains. We cannot whitelist subdomains of a blocked domain.
If you would like to protect domains after a block is removed we can recommend adding CAA records.