From 4c0da7a8c9049806cf75896f2b19e90295202c1f Mon Sep 17 00:00:00 2001
From: Girish Ramakrishnan <girish@cloudron.io>
Date: Fri, 2 Feb 2018 20:29:04 -0800
Subject: [PATCH] use fallback cert of altDomain

---
 src/reverseproxy.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/reverseproxy.js b/src/reverseproxy.js
index c6cc052c2..ae517882b 100644
--- a/src/reverseproxy.js
+++ b/src/reverseproxy.js
@@ -44,6 +44,7 @@ var acme = require('./cert/acme.js'),
     platform = require('./platform.js'),
     safe = require('safetydance'),
     shell = require('./shell.js'),
+    tld = require('tldjs'),
     user = require('./user.js'),
     util = require('util');
 
@@ -276,7 +277,7 @@ function ensureCertificate(app, auditSource, callback) {
             eventlog.add(eventlog.ACTION_CERTIFICATE_RENEWAL, auditSource, { domain: vhost, errorMessage: errorMessage });
 
             // if no cert was returned use fallback. the fallback/caas provider will not provide any for example
-            if (!certFilePath || !keyFilePath) return getFallbackCertificate(app.domain, callback);
+            if (!certFilePath || !keyFilePath) return getFallbackCertificate(app.altDomain ? tld.getDomain(app.altDomain) : app.domain, callback);
 
             callback(null, { certFilePath, keyFilePath, reason: 'new-le' });
         });