diff --git a/pkg/issuer/acme/setup.go b/pkg/issuer/acme/setup.go
index 645e3e4cb..4933627c4 100644
--- a/pkg/issuer/acme/setup.go
+++ b/pkg/issuer/acme/setup.go
@@ -13,6 +13,7 @@ import (
 
 	"github.com/golang/glog"
 	"github.com/jetstack-experimental/cert-manager/pkg/apis/certmanager/v1alpha1"
+	"github.com/jetstack-experimental/cert-manager/pkg/util/errors"
 	"github.com/jetstack-experimental/cert-manager/pkg/util/kube"
 	"github.com/jetstack-experimental/cert-manager/pkg/util/pki"
 )
@@ -33,7 +34,7 @@ const (
 func (a *Acme) Setup(ctx context.Context) error {
 	glog.V(4).Infof("%s: getting acme account private key '%s/%s'", a.issuer.GetObjectMeta().Name, a.resourceNamespace, a.issuer.GetSpec().ACME.PrivateKey.Name)
 	cl, err := a.acmeClient()
-	if k8sErrors.IsNotFound(err) {
+	if k8sErrors.IsNotFound(err) || errors.IsInvalidData(err) {
 		glog.V(4).Infof("%s: generating acme account private key '%s/%s'", a.issuer.GetObjectMeta().Name, a.resourceNamespace, a.issuer.GetSpec().ACME.PrivateKey.Name)
 		var accountPrivKey *rsa.PrivateKey
 		accountPrivKey, err = a.createAccountPrivateKey()
@@ -51,6 +52,7 @@ func (a *Acme) Setup(ctx context.Context) error {
 		s := messageAccountVerificationFailed + err.Error()
 		glog.V(4).Infof("%s: %s", a.issuer.GetObjectMeta().Name, s)
 		a.recorder.Event(a.issuer, v1.EventTypeWarning, errorAccountVerificationFailed, s)
+		return err
 	}
 
 	glog.V(4).Infof("Verifying ")