diff --git a/certbot/tests/util_test.py b/certbot/tests/util_test.py
index 3f6bd2a39..7e320012a 100644
--- a/certbot/tests/util_test.py
+++ b/certbot/tests/util_test.py
@@ -420,6 +420,13 @@ class EnforceLeValidity(unittest.TestCase):
     def test_valid_domain(self):
         self.assertEqual(self._call(u"example.com"), u"example.com")
 
+    def test_input_with_scheme(self):
+        self.assertRaises(errors.ConfigurationError, self._call, u"http://example.com")
+        self.assertRaises(errors.ConfigurationError, self._call, u"https://example.com")
+
+    def test_valid_input_with_scheme_name(self):
+        self.assertEqual(self._call(u"http.example.com"), u"http.example.com")
+
 
 class EnforceDomainSanityTest(unittest.TestCase):
     """Test enforce_domain_sanity."""
diff --git a/certbot/util.py b/certbot/util.py
index 041515199..a95ef62b9 100644
--- a/certbot/util.py
+++ b/certbot/util.py
@@ -568,6 +568,17 @@ def enforce_domain_sanity(domain):
     # Remove trailing dot
     domain = domain[:-1] if domain.endswith(u'.') else domain
 
+    # Separately check for odd "domains" like "http://example.com" to fail
+    # fast and provide a clear error message
+    for scheme in ["http", "https"]:  # Other schemes seem unlikely
+        if domain.startswith("{0}://".format(scheme)):
+            raise errors.ConfigurationError(
+                "Requested name {0} appears to be a URL, not a FQDN. "
+                "Try again without the leading \"{1}://\".".format(
+                    domain, scheme
+                )
+            )
+
     # Explain separately that IP addresses aren't allowed (apart from not
     # being FQDNs) because hope springs eternal concerning this point
     try: