Invalid email address:

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

I have lost/deleted the private key of the certificate. I thought i could generate a new one to be used with the domain i got a while back. I am very new to this so I am probably not doing it right. Some advice would be appreciated.

My domain is:

I ran this command: sudo certbot certonly --nginx

It produced this output: Invalid email address:

My web server is (include version): nginx

The operating system my web server runs on is (include version): ubuntu v20

My hosting provider, if applicable, is: google domains?

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):certbot 1.32.2

Well, that indeed is an invalid email address? I'm not sure what's unclear about this error to be honest. :slight_smile:


Also it look s like you are using HTTP-01 Challenge and Let's Debug show NoRecords Fatal here


Hi @Johng117, and welcome to the LE community forum :slight_smile:

Please show the dialog that triggered that error message.


Oh, i deleted the previous ip addresses that i had associated with it. I'll enter the new ip and see whether that works.


A couple of questions.

If I have deleted/lost the private key file, does that mean i cant get another certificate for the domain i mentioned above? Would I have to prove the domain was mine before trying to get a replacement certificate? I am not sure I am understanding this process.

No. It just means the cert you got with that private key can't be used (because they are a pair)

Yes. You must always prove control of the domain to get a cert.

Right now it does not look like you have a working public website. You don't have any A or AAAA record in the DNS.