diff --git a/packages/dashmate/src/doctor/analyse/analyseConfigFactory.js b/packages/dashmate/src/doctor/analyse/analyseConfigFactory.js
index 7396668d439..4bb65d0ffb5 100644
--- a/packages/dashmate/src/doctor/analyse/analyseConfigFactory.js
+++ b/packages/dashmate/src/doctor/analyse/analyseConfigFactory.js
@@ -134,6 +134,10 @@ and revoke the previous certificate in the ZeroSSL dashboard`,
                 description: chalk`ZeroSSL certificate is not valid.`,
                 solution: chalk`Please run {bold.cyanBright dashmate ssl zerossl obtain} to get a new one.`,
               },
+              [ERRORS.ZERO_SSL_API_ERROR]: {
+                description: ssl?.data?.error?.message,
+                solution: chalk`Please contact ZeroSSL support if needed.`,
+              },
             }[ssl.error] ?? {};
 
             if (description) {
diff --git a/packages/dashmate/src/listr/tasks/ssl/zerossl/obtainZeroSSLCertificateTaskFactory.js b/packages/dashmate/src/listr/tasks/ssl/zerossl/obtainZeroSSLCertificateTaskFactory.js
index 86bb3db5ca4..ca679233d03 100644
--- a/packages/dashmate/src/listr/tasks/ssl/zerossl/obtainZeroSSLCertificateTaskFactory.js
+++ b/packages/dashmate/src/listr/tasks/ssl/zerossl/obtainZeroSSLCertificateTaskFactory.js
@@ -64,6 +64,9 @@ export default function obtainZeroSSLCertificateTaskFactory(
             case ERRORS.CERTIFICATE_ID_IS_NOT_SET:
               // eslint-disable-next-line no-param-reassign
               task.output = 'Certificate is not configured yet, creating a new one';
+
+              // We need to create a new certificate
+              ctx.certificate = null;
               break;
             case ERRORS.PRIVATE_KEY_IS_NOT_PRESENT:
               // If certificate exists but private key does not, then we can't set up TLS connection
@@ -85,6 +88,9 @@ export default function obtainZeroSSLCertificateTaskFactory(
             case ERRORS.CERTIFICATE_EXPIRES_SOON:
               // eslint-disable-next-line no-param-reassign
               task.output = `Certificate exists but expires in less than ${ctx.expirationDays} days at ${ctx.certificate.expires}. Obtain a new one`;
+
+              // We need to create a new certificate
+              ctx.certificate = null;
               break;
             case ERRORS.CERTIFICATE_IS_NOT_VALIDATED:
               // eslint-disable-next-line no-param-reassign
@@ -93,7 +99,12 @@ export default function obtainZeroSSLCertificateTaskFactory(
             case ERRORS.CERTIFICATE_IS_NOT_VALID:
               // eslint-disable-next-line no-param-reassign
               task.output = 'Certificate is not valid. Create a new one';
+
+              // We need to create a new certificate
+              ctx.certificate = null;
               break;
+            case ERRORS.ZERO_SSL_API_ERROR:
+              throw ctx.error;
             default:
               throw new Error(`Unknown error: ${error}`);
           }
diff --git a/packages/dashmate/src/ssl/zerossl/validateZeroSslCertificateFactory.js b/packages/dashmate/src/ssl/zerossl/validateZeroSslCertificateFactory.js
index f4d9956a9d7..20b221216c5 100644
--- a/packages/dashmate/src/ssl/zerossl/validateZeroSslCertificateFactory.js
+++ b/packages/dashmate/src/ssl/zerossl/validateZeroSslCertificateFactory.js
@@ -11,6 +11,7 @@ export const ERRORS = {
   CERTIFICATE_EXPIRES_SOON: 'CERTIFICATE_EXPIRES_SOON',
   CERTIFICATE_IS_NOT_VALIDATED: 'CERTIFICATE_IS_NOT_VALIDATED',
   CERTIFICATE_IS_NOT_VALID: 'CERTIFICATE_IS_NOT_VALID',
+  ZERO_SSL_API_ERROR: 'ZERO_SSL_API_ERROR',
 };
 
 /**
@@ -68,9 +69,22 @@ export default function validateZeroSslCertificateFactory(homeDir, getCertificat
     data.isBundleFilePresent = fs.existsSync(data.bundleFilePath);
 
     // This function will throw an error if certificate with specified ID is not present
-    const certificate = await getCertificate(data.apiKey, certificateId);
+    try {
+      data.certificate = await getCertificate(data.apiKey, certificateId);
+    } catch (e) {
+      if (e.code) {
+        data.error = e;
 
-    data.isExpiresSoon = certificate.isExpiredInDays(expirationDays);
+        return {
+          error: ERRORS.ZERO_SSL_API_ERROR,
+          data,
+        };
+      }
+
+      throw e;
+    }
+
+    data.isExpiresSoon = data.certificate.isExpiredInDays(expirationDays);
 
     // If certificate exists but private key does not, then we can't setup TLS connection
     // In this case we need to regenerate a certificate or put back this private key
@@ -82,17 +96,16 @@ export default function validateZeroSslCertificateFactory(homeDir, getCertificat
     }
 
     // We need to make sure that external IP and certificate IP match
-    if (certificate.common_name !== data.externalIp) {
+    if (data.certificate.common_name !== data.externalIp) {
       return {
         error: ERRORS.EXTERNAL_IP_MISMATCH,
         data,
       };
     }
 
-    if (['pending_validation', 'draft'].includes(certificate.status)) {
+    if (['pending_validation', 'draft'].includes(data.certificate.status)) {
       // Certificate is already created, so we just need to pass validation
       // and download certificate file
-      data.certificate = certificate;
 
       // We need to download new certificate bundle
       data.isBundleFilePresent = false;
@@ -103,7 +116,7 @@ export default function validateZeroSslCertificateFactory(homeDir, getCertificat
       };
     }
 
-    if (certificate.status !== 'issued' || data.isExpiresSoon) {
+    if (data.certificate.status !== 'issued' || data.isExpiresSoon) {
       // Certificate is going to expire soon, or current certificate is not valid
       // we need to obtain a new one
 
@@ -128,8 +141,6 @@ export default function validateZeroSslCertificateFactory(homeDir, getCertificat
     }
 
     // Certificate is valid, so we might need only to download certificate bundle
-    data.certificate = certificate;
-
     return {
       data,
     };