diff --git a/templates/nginx-for-ssl-certificate.php b/templates/nginx-for-ssl-certificate.php
index 807c4b9..79914ff 100644
--- a/templates/nginx-for-ssl-certificate.php
+++ b/templates/nginx-for-ssl-certificate.php
@@ -6,4 +6,8 @@ server {
   listen [::]:80;
   listen 80;
   server_name www.<?=$this->e($domain)?> <?=$this->e($domain)?>;
+  location ^~ /.well-known/acme-challenge/ {
+      root /home/<?=$this->e($user)?>/<?=$this->e($domain)?>;
+      try_files $uri =404;
+  }
 }
diff --git a/utils.inc.php b/utils.inc.php
index 9c2e012..23614be 100644
--- a/utils.inc.php
+++ b/utils.inc.php
@@ -143,6 +143,9 @@ function removeUnixUser($user)
 
 function createNginxConfig($domain, $user, $herseUser, $hersePass)
 {
+    // create folder if not exists
+    exec('sudo -u '.$user.' mkdir -p /home'.'/'.$user.'/'.$domain);
+    
     $nginxFile = '/etc/nginx/conf.d/'.$domain.'.conf';
     if (empty($herseUser) && empty($hersePass)) {
         // no herse needed
@@ -150,7 +153,6 @@ function createNginxConfig($domain, $user, $herseUser, $hersePass)
         throw new Exception('You need an username AND a password to add a herse.');
     } else {
         // add password file to domain
-        exec('sudo -u '.$user.' mkdir -p /home'.'/'.$user.'/'.$domain);
         file_put_contents(
             '/home'.'/'.$user.'/'.$domain.'/.htpasswd',
             $herseUser.':'.password_hash($hersePass, PASSWORD_BCRYPT)
@@ -224,6 +226,7 @@ function copyYesWikiFiles($domain, $user, $dbUser, $herseUser = null, $hersePass
     $destDir = '/home'.'/'.$user.'/'.$domain;
     $sudo = 'sudo -u '.$user.' ';
     exec($sudo.' mkdir -p '.$destDir, $output);
+    exec($sudo.' chown '.$user.':'.$user.' -R '.$destDir, $output);
     if (file_exists($tmpFile)) {
         unlink($tmpFile);
     }