diff --git a/src/lib/letsencrypt.ts b/src/lib/letsencrypt.ts
index 9465ec8da..27b3a7eea 100644
--- a/src/lib/letsencrypt.ts
+++ b/src/lib/letsencrypt.ts
@@ -13,14 +13,15 @@ export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 			return await forceSSLOnApplication({ domain });
 		} else {
 			if (isCoolify) {
-				await asyncExecShell(
+				const { stderr: certError } = await asyncExecShell(
 					`docker run --rm --name certbot-${randomCuid} -p 9080:9080 -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port 9080 -d ${nakedDomain} -d ${wwwDomain} --expand --agree-tos --non-interactive --register-unsafely-without-email`
 				);
+				if (certError) throw new Error(certError);
 
-				const { stderr } = await asyncExecShell(
-					`docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest cat /etc/letsencrypt/live/${nakedDomain}/fullchain.pem /etc/letsencrypt/live/${nakedDomain}/privkey.pem > /app/ssl/${nakedDomain}.pem`
+				const { stderr: copyError } = await asyncExecShell(
+					`docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest sh -c "test -d /etc/letsencrypt/live/${nakedDomain}/ && cat /etc/letsencrypt/live/${nakedDomain}/fullchain.pem /etc/letsencrypt/live/${nakedDomain}/privkey.pem > /app/ssl/${nakedDomain}.pem || cat /etc/letsencrypt/live/${wwwDomain}/fullchain.pem /etc/letsencrypt/live/${wwwDomain}/privkey.pem > /app/ssl/${wwwDomain}.pem"`
 				);
-				if (stderr) throw new Error(stderr);
+				if (copyError) throw new Error(copyError);
 				return;
 			}
 			let data: any = await db.prisma.application.findUnique({
@@ -36,13 +37,14 @@ export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
 			// Set SSL with Let's encrypt
 			if (data.destinationDockerId && data.destinationDocker) {
 				const host = getEngine(data.destinationDocker.engine);
-				await asyncExecShell(
+				const { stderr: certError } = await asyncExecShell(
 					`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p 9080:9080 -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port 9080 -d ${nakedDomain} -d ${wwwDomain} --expand --agree-tos --non-interactive --register-unsafely-without-email`
 				);
-				const { stderr } = await asyncExecShell(
-					`DOCKER_HOST=${host} docker run --rm --name bash-${randomCuid} -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest cat /etc/letsencrypt/live/${nakedDomain}/fullchain.pem /etc/letsencrypt/live/${nakedDomain}/privkey.pem > /app/ssl/${nakedDomain}.pem`
+				if (certError) throw new Error(certError);
+				const { stderr: copyError } = await asyncExecShell(
+					`DOCKER_HOST=${host} docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest sh -c "test -d /etc/letsencrypt/live/${nakedDomain}/ && cat /etc/letsencrypt/live/${nakedDomain}/fullchain.pem /etc/letsencrypt/live/${nakedDomain}/privkey.pem > /app/ssl/${nakedDomain}.pem || cat /etc/letsencrypt/live/${wwwDomain}/fullchain.pem /etc/letsencrypt/live/${wwwDomain}/privkey.pem > /app/ssl/${wwwDomain}.pem"`
 				);
-				if (stderr) throw new Error(stderr);
+				if (copyError) throw new Error(copyError);
 				await forceSSLOnApplication({ domain });
 			}
 		}