diff --git a/src/cloudron.js b/src/cloudron.js
index 7175ffdc0..bf8b86f45 100644
--- a/src/cloudron.js
+++ b/src/cloudron.js
@@ -236,24 +236,32 @@ function configureWebadmin(callback) {
         callback(error);
     }
 
-    sysinfo.getPublicIp(function (error, ip) {
-        if (error) return done(error);
+    function configureNginx(error) {
+        debug('configureNginx: dns update:%j', error);
 
-        addDnsRecords(ip, function (error) {
+        certificates.ensureCertificate({ location: constants.ADMIN_LOCATION }, function (error, certFilePath, keyFilePath) {
             if (error) return done(error);
 
+            gWebadminStatus.tls = true;
+
+            nginx.configureAdmin(certFilePath, keyFilePath, constants.NGINX_ADMIN_CONFIG_FILE_NAME, config.adminFqdn(), done);
+        });
+    }
+
+    // update the DNS. configure nginx regardless of whether it succeeded so that
+    // box is accessible even if dns creds are invalid
+    sysinfo.getPublicIp(function (error, ip) {
+        if (error) return configureNginx(error);
+
+        addDnsRecords(ip, function (error) {
+            if (error) return configureNginx(error);
+
             subdomains.waitForDns(config.adminFqdn(), ip, 'A', { interval: 30000, times: 50000 }, function (error) {
-                if (error) return done(error);
+                if (error) return configureNginx(error);
 
                 gWebadminStatus.dns = true;
 
-                certificates.ensureCertificate({ location: constants.ADMIN_LOCATION }, function (error, certFilePath, keyFilePath) {
-                    if (error) return done(error);
-
-                    gWebadminStatus.tls = true;
-
-                    nginx.configureAdmin(certFilePath, keyFilePath, constants.NGINX_ADMIN_CONFIG_FILE_NAME, config.adminFqdn(), done);
-                });
+                configureNginx();
             });
         });
     });
diff --git a/webadmin/src/js/setupdns.js b/webadmin/src/js/setupdns.js
index 4976a345e..22c981798 100644
--- a/webadmin/src/js/setupdns.js
+++ b/webadmin/src/js/setupdns.js
@@ -103,7 +103,9 @@ app.controller('SetupDNSController', ['$scope', '$http', 'Client', function ($sc
         $scope.busy = true;
 
         Client.getStatus(function (error, status) {
-            if (!error && status.adminFqdn && status.webadminStatus.dns && status.webadminStatus.tls) {
+            // webadminStatus.dns is intentionally not tested. it can be false if dns creds are invalid
+            // runConfigurationChecks() in main.js will pick the .dns and show a notification
+            if (!error && status.adminFqdn && status.webadminStatus.tls) {
                 window.location.href = 'https://' + status.adminFqdn + '/setup.html';
             }