diff --git a/examples/certbot-wildcard/certbot-wildcard.sh b/examples/certbot-wildcard/certbot-wildcard.sh
old mode 100644
new mode 100755
index aa572ae..49cafb3
--- a/examples/certbot-wildcard/certbot-wildcard.sh
+++ b/examples/certbot-wildcard/certbot-wildcard.sh
@@ -3,17 +3,24 @@
 # you need to run it before starting bunkerized-nginx
 # since it's manual there is no auto renew, you need to run it again before it expires
+DOMAIN="*.website.com"
+SERVICE="mywww"
+
 # ask for wildcard certificate
 # it's interactive and you will need to add a DNS entry
-docker run --rm -it -v "${PWD}/letsencrypt:/etc/letsencrypt" certbot/certbot certonly --manual -d *.website.com --agree-tos --no-bootstrap
+docker run --rm -it -v "${PWD}/letsencrypt:/etc/letsencrypt" certbot/certbot certonly --manual -d $DOMAIN --agree-tos
+if [ $? -ne 0 ] ; then
+ echo "error while getting certificate for $DOMAIN"
+ exit 1
+fi
 # fix permissions
-chown -R 101:101 "${PWD}/letsencrypt/live"
+chown -R 101:101 "${PWD}/letsencrypt"
 # reload nginx if it's already running (in case of a "renew")
-if [ -z `docker-compose ps -q mywww` ] || [ -z `docker ps -q --no-trunc | grep $(docker-compose ps -q mywww)` ]; then
+if [ -z `docker-compose ps -q $SERVICE` ] || [ -z `docker ps -q --no-trunc | grep $(docker-compose ps -q $SERVICE)` ]; then
 echo "bunkerized-nginx is not running, skipping nginx reload"
 else
 echo "bunkerized-nginx is running, sending reload order"
- docker-compose exec mywww nginx -s reload
+ docker-compose exec $SERVICE nginx -s reload
 fi
diff --git a/examples/certbot-wildcard/docker-compose.yml b/examples/certbot-wildcard/docker-compose.yml
index 23b87e4..9da94d3 100644
--- a/examples/certbot-wildcard/docker-compose.yml
+++ b/examples/certbot-wildcard/docker-compose.yml
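Review bot: The widened `chown -R 101:101 "${PWD}/letsencrypt"` hands uid 101 the whole certbot tree, which normally holds `accounts/` (the ACME account key) and `renewal/` as well as the certificates, and the `./letsencrypt:/letsencrypt:ro` mount in the docker-compose.yml hunk then makes all of it readable inside the web container. Presumably the wider scope is there so the `live/` symlinks into `archive/` resolve; if so, limiting both changes to those two directories keeps the account key away from the nginx user: `chown -R 101:101 "${PWD}/letsencrypt/live" "${PWD}/letsencrypt/archive"`, with separate `live` and `archive` volume entries in the compose file. Separately, `-d $DOMAIN` is unquoted, so `*.website.com` is glob-expanded by the shell if a matching file exists in the working directory; write `-d "$DOMAIN"`, and quote `"$SERVICE"` in the `docker-compose` calls for the same reason.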
@@ -10,13 +10,13 @@ services:
 - 443:8443
 volumes:
 - ./web-files:/www:ro
- - ./letsencrypt/live/website.com:/certs:ro
+ - ./letsencrypt:/letsencrypt:ro
 environment:
 - SERVER_NAME=app1.website.com app2.website.com # replace with your domains
 - MULTISITE=yes
 - USE_CUSTOM_HTTPS=yes
- - CUSTOM_HTTPS_CERT=/certs/fullchain.pem
- - CUSTOM_HTTPS_KEY=/certs/privkey.pem
+ - CUSTOM_HTTPS_CERT=/letsencrypt/live/website.com/fullchain.pem
+ - CUSTOM_HTTPS_KEY=/letsencrypt/live/website.com/privkey.pem
 - REDIRECT_HTTP_TO_HTTPS=yes
 - DISABLE_DEFAULT_SERVER=yes
 - USE_CLIENT_CACHE=yes
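Review bot: `CUSTOM_HTTPS_CERT` and `CUSTOM_HTTPS_KEY` now hard-code `live/website.com`, which has to match the directory certbot creates for the `DOMAIN` value set in certbot-wildcard.sh, and nothing on these lines tells the reader to change it. The `SERVER_NAME` entry already carries `# replace with your domains`; a comment line above the two paths would keep the example consistent, for instance `# website.com below must match DOMAIN in certbot-wildcard.sh (without the "*." prefix)`. Otherwise a user who edits only the script ends up with nginx pointed at a certificate path that does not exist.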