LetsEncrypt request fails because wrong domain being used in request to LE API

[zEitEr]

You might open a ticket with DA support and let them fix it for you.

 

[gvsteyvo]

Hello,

Is there any chance you used the domain gvsteyvo.be as a hostname? Do you have subdomains created in the domain gvsteyvo.be under other user accounts?

How do you request a new certificate? Do you use command line or directadmin interface? Do you renew an existing certificate? Or request a new one?

In anyway you might try and remove *cert, *cacert, *key files from the directory /usr/local/directadmin/data/users/gvsteyvo/domains/ and try again.

Hi, sorry for the late reply - alerting/notifications don't seem to work here.

My use case was renewing a certificate earlier issued by another CA.

The hostname of the server is not related to the account gvsteyvo and it has no subdomains in directadmin.

I have tried removing the *cert, *cacert, *key files from the directory /usr/local/directadmin/data/users/gvsteyvo/domains/ , then re-ran command /usr/local/directadmin/scripts/letsencrypt.sh request gvsteyvo.be resulting in the same error:

2026/03/17 08:38:28 [INFO] acme: Registering account for [email protected]
2026/03/17 08:38:29 Could not complete registration
acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-acct :: urn:ietfarams:acme:error:invalidContact :: Error validating contact(s) :: contact email has forbidden domain "example.com"

Thanks in advance!

 

[DrWizzle]

2026/03/17 08:38:28 [INFO] acme: Registering account for [email protected]
2026/03/17 08:38:29 Could not complete registration
acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-acct :: urn:ietfarams:acme:error:invalidContact :: Error validating contact(s) :: contact email has forbidden domain "example.com"

Thanks in advance!

Looking at that, you need to give a REAL email address. They never email you (i've never received any emails). Try again with a real email and see if you still get the same output above

 

[zEitEr]

Error validating contact(s) :: contact email has forbidden domain "example.com"

That's the reason. You need to change the contact address of the domain owner in directadmin and then try again

 

[gvsteyvo]

Thanks @zEitEr and @DrWizzle !

Only using a real e-mail address did not solve the issue, the errors kept coming (as if the system did not pickup the new contact e-mail).

However, what did solve it eventually was the following:

1. rename the /usr/local/directadmin/data/.lego/accounts folder to something like accounts_old
2. try again to configure auto LetsAdmin certs renewal in the DirectAdmin GUI (a new /usr/local/directadmin/data/.lego/accounts was created)
3. problem solved!