diff --git a/validation.go b/validation.go
index 797e76332c5835995876c00f7a1caff4421c8e1e..df39e8520ef0bc09a0237a072ce6dbea33294580 100644
--- a/validation.go
+++ b/validation.go
@@ -5,6 +5,8 @@ import (
 
 	"github.com/google/uuid"
 	"golang.org/x/crypto/bcrypt"
+
+	"regexp"
 )
 
 func getValidUsername(u string) (uuid.UUID, error) {
@@ -25,13 +27,12 @@ func validKey(k string) bool {
 }
 
 func validSubdomain(s string) bool {
-	_, err := uuid.Parse(s)
-	if err == nil {
-		return true
-	}
-	return false
+	// URL safe base64 alphabet without padding as defined in ACME
+	RegExp := regexp.MustCompile("^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")
+	return RegExp.MatchString(s)
 }
 
+
 func validTXT(s string) bool {
 	sn := sanitizeString(s)
 	if utf8.RuneCountInString(s) == 43 && utf8.RuneCountInString(sn) == 43 {
diff --git a/validation_test.go b/validation_test.go
index 37dd05fccf8ef8a751bf9deee54d3bc2884f510a..16dfc04ceceb58310c86a9c926d80072d3bb0834 100644
--- a/validation_test.go
+++ b/validation_test.go
@@ -55,7 +55,9 @@ func TestGetValidSubdomain(t *testing.T) {
 		output    bool
 	}{
 		{"a097455b-52cc-4569-90c8-7a4b97c6eba8", true},
-		{"a-97455b-52cc-4569-90c8-7a4b97c6eba8", false},
+		{"a-97455b-52cc-4569-90c8-7a4b97c6eba8", true},
+		{"foo.example.com", false},
+		{"foo-example-com", true},
 		{"", false},
 		{"&!#!25123!%!'%", false},
 	} {