diff --git a/letsencrypt/lib/common b/letsencrypt/lib/common index a8c67a1..e841d62 100644 --- a/letsencrypt/lib/common +++ b/letsencrypt/lib/common @@ -139,7 +139,7 @@ has_existing_cert() { letsencrypt_cert_info() { local domain="$1" - compose -q --no-init --no-relations run --rm "$SERVICE_NAME" \ + compose -q --no-init --no-relations run -T --rm "$SERVICE_NAME" \ crt info "$domain" } @@ -158,7 +158,20 @@ valid_existing_cert() { has_existing_cert "$domain" || return 1 info "Querying $domain for previous info..." - out=$(letsencrypt_cert_info "$domain") || return 1 + out=$(letsencrypt_cert_info "$domain") + + ## check if output is valid yaml + err=$(e "$out" | shyaml get-value 2>&1 >/dev/null) || { + err "Cert info on '$domain' output do not seem to be valid YAML:" + echo " cert info content:" >&2 + e "$out" | prefix " ${GRAY}|$NORMAL " >&2 + echo >&2 + echo " parsing error:" >&2 + e "$err" | prefix " ${RED}!$NORMAL " >&2 + echo >&2 + return 3 + } + domains=$(e "$out" | shyaml get-value domains) || return 1 domains=$(printf "%s " $domains | tr " " "\n" | sort) @@ -285,6 +298,11 @@ crt_create() { err "Previous cert for ${domains[0]} deleted." fi + if [ "$valid_existing_cert" == 3 ]; then + err "Unexpected failure while checking previous cert info" + return 1 + fi + crt "$cfg" create "${domains[@]}" || { err "Certificate creation/renew failed for domain '${domains[0]}'." return 1
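Review bot: The added `-T` in `letsencrypt_cert_info` has no comment saying why TTY allocation is turned off, and the flag is easy to drop in a later cleanup. Since the output is captured and parsed as YAML by `valid_existing_cert`, the reason is presumably that a pseudo-TTY mixes the container's stderr into stdout and emits CRLF line endings. I would record that above the call, e.g. `## -T: no pseudo-tty, keep stdout clean (no stderr mix, no CRLF) as it is parsed as YAML`.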
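Review bot: The `out=$(letsencrypt_cert_info "$domain")` line now discards the exit status of the `compose run`, so a failed query whose output is still accepted by the YAML check is not reported as a failure. It would only stop at the `shyaml get-value domains` line and return 1, which callers presumably read as "no valid cert" rather than "could not inspect the cert". Keeping the status and mapping it to the new code would close that gap: `out=$(letsencrypt_cert_info "$domain"); rc=$?`, then after the YAML check `[ "$rc" -eq 0 ] || { err "crt info exited with status $rc for '$domain'"; return 3; }`. The variable `err` also shares its name with the `err` function called on the next line; this works in bash but reads badly, and `yaml_err` would be clearer. Whether `err` (and a new `rc`) are declared `local` cannot be checked here because the top of `valid_existing_cert` is outside the hunk.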
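Review bot: The new `[ "$valid_existing_cert" == 3 ]` guard sits after the `fi` that closes the block logging "Previous cert for ${domains[0]} deleted.", so the abort may come too late. The condition of that block is outside the hunk, but if it runs for any non-zero `$valid_existing_cert`, an unparseable `crt info` output would get the existing certificate deleted before `crt_create` returns 1, leaving the domain without a certificate. Moving the guard above the deletion block would make this failure path non-destructive. A comment at the guard stating what code 3 means (cert info could not be parsed, as opposed to 1) would also help, since the value is defined in another function. `crt_create` starts and continues outside the hunk.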