Requested domain is not a FQDN

Hello and a Happy New Year!

I have a domain I want to obtain a cert for that contains an underscore. Therefore the letsencrypt-auto returns the following error: “Requested domain is not a FQDN”.
I’ve searched through the code for the error message and it turned out that the regex that is used to validate a Domain name is lacking the underscore as valid char. According to http://www.ietf.org/rfc/rfc2181.txt Section 11 there is only a length limit on domains — so a Domain containing an “_” should a perfectly fine as a FQDN.

Is there a way to circumvent the validation?

Thanks and have a good start into the new year 2016!

Happy New Year :slight_smile:

Not my area of expertise, but I think in RFC 1123, the only characters that can be used in DNS labels are “A” to “Z”, “a” to “z”, “0” to “9”, and the hyphen ("-"). The period [.] is also used in DNS names, but only between DNS labels. So I don’t think a domain name with an underscore “_” does strictly follow the rules.

If the check is done in the client, you may be able to use one of the alternate clients.

Yes and no.
FQDN allow underscore but this is not valid vor A Record.
And since TLS validate Host entries we are talking about A (AAAA) Record only.