Error letsencrypt registration

2020-04-29 21:56:16,328:DEBUG:acme.client:Received response:
HTTP 400
Server: nginx
Date: Wed, 29 Apr 2020 19:56:21 GMT
Content-Type: application/problem+json
Content-Length: 178
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0101EKioTXdlwy5apdyJLyGsctBTOFcKux_KYV7c-Zu4hvA

{
  "type": "urn:ietf:params:acme:error:invalidEmail",
  "detail": "Error creating new account :: \"\\\"email@domain.com\\\"\" is not a valid e-mail address",
  "status": 400
}
2020-04-29 21:56:16,328:DEBUG:certbot._internal.main:
Traceback (most recent call last):
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/main.py", line 519, in _determine_account
    config, account_storage, tos_cb=_tos_cb)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/client.py", line 176, in register
    regr = perform_registration(acme, config, tos_cb)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/client.py", line 226, in perform_registration
    raise errors.Error(msg)
Error: The ACME server believes "email@domain.com" is an invalid email address. Please ensure it is a valid email and attempt registration again.
2020-04-29 21:56:16,331:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/opt/eff.org/certbot/venv/bin/letsencrypt", line 11, in <module>
    sys.exit(main())
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 15, in main
    return internal_main.main(cli_args)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/main.py", line 1347, in main
    return config.func(config, plugins)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/main.py", line 1217, in certonly
    le_client = _init_le_client(config, auth, installer)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/main.py", line 603, in _init_le_client
    acc, acme = _determine_account(config)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/main.py", line 525, in _determine_account
    "Unable to register an account with ACME server")
Error: Unable to register an account with ACME server

I have tried with different email address, from different domain, and I always have the same error.
My email address work for others domain and application.
I use the containerized version, with stable-4101 since 2 month without problem.
I deploy this version with ansible-playbook, I have deployed my server multiple times without problems and since 2 weeks I have this error.
I have tried stable-4416 but got the same error.

You are sure that if I send a mail to email@domain.com you will receive it ? Somehow I doubt it.

I change my email for giving the log.
I use 3 real email address that I have for different situations.

that’s all very well, but a domain and a certificate are all about publishing information, so if you want to stay safely hidden, it’s not possible to help you very usefully; that’s why on the letsencrypt support it’s never allowed to hide the domain (it’s useless anyway because of certificate transparency). If your domain data is invalid you’ll never be able to get a certificate for it and it’s impossible for someone not having this information to find out. So if you want to keep your domain secret to the public you have to actually find someone you trust to help you, a public forum is not the right way to go.

In my try, I use a gmail.com email address. The principal address that I use is OK for other registration with traeffik.

if you want to keep your domain secret to the public you have to actually find someone you trust to help you, a public forum is not the right way to go.

It’s not the forum that I untrust, it’s bot which read the forum.
I use forum since many years now, and you’re the first who want me to give personnal information on it.

Generaly, people who want to solve the problem give the command to the one who get the problem. Then they want the result back to know what happen.
So if you have command to test an email address with letsencrypt don’t hesitate.

what the output of
dig yourdomain.com

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> gmail.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24865
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;gmail.com.			IN	A

;; ANSWER SECTION:
gmail.com.		149	IN	A	216.58.213.133

;; Query time: 0 msec
;; SERVER: 10.5.28.129#53(10.5.28.129)
;; WHEN: Thu Apr 30 09:12:31 UTC 2020
;; MSG SIZE  rcvd: 54

with the gmail address.

But DNS must be good, if not, I wouldn’t have resolved letsencrypt domain.

It is now working fine. The problem was writed in logs :

This lot of \ is due to change of my .env file.

With stable-4416 version, I have to change this environment file and the mistake was :

# Domain for which to generate the certificate
LETSENCRYPT_DOMAIN="meet.sample.gpatel"

# E-Mail for receiving important account notifications (mandatory)
LETSENCRYPT_EMAIL="gpatel@domain.com"

I delete bogus " in that block of code and it’s now ok. The good block is :slight_smile:

# Domain for which to generate the certificate
LETSENCRYPT_DOMAIN=meet.sample.gpatel

# E-Mail for receiving important account notifications (mandatory)
LETSENCRYPT_EMAIL=gpatel@domain.com