diff --git a/deploy-this/lets-encrypt/lets-encrypt-create-cert.jenkinsfile b/deploy-this/lets-encrypt/lets-encrypt-create-cert.jenkinsfile
index f0fedab..3e13ba2 100755
--- a/deploy-this/lets-encrypt/lets-encrypt-create-cert.jenkinsfile
+++ b/deploy-this/lets-encrypt/lets-encrypt-create-cert.jenkinsfile
@@ -8,7 +8,97 @@ def domainsToCert = [
 	   // [ false, 'artikus.dynu.net', "mail", "stat", "www", "nextcloud" ]
 ] 
 
+
 def createCert(domains, repo) {
+    echo "Server ENV = ${SERVER_ENV}"
+    echo "Certbot image = ${CERTBOT_IMAGE}"
+
+    def toCreateDomains = []
+
+    for (domain in domains) {
+        def force = domain[0]
+        def name = domain[1]
+        def fileName = "/_docker_data_/letsencrypt/live/${name}/cert.pem"
+
+        def currentDomains = []
+        def daysLeft = null
+
+        // Pobierz dane z istniejącego certyfikatu, jeśli jest
+        if (fileExists(fileName)) {
+            def certInfo = sh(
+                script: "openssl x509 -in ${fileName} -text -noout | grep -o 'DNS:[^,]*' | sed 's/DNS://g'",
+                returnStdout: true
+            ).trim()
+
+            if (certInfo) {
+                currentDomains = certInfo.split('\n').collect { it.trim() }
+            }
+
+            // Oblicz ile dni zostało do wygaśnięcia
+            def expiryUnix = sh(
+                script: "openssl x509 -enddate -noout -in ${fileName} | cut -d= -f2 | xargs -I{} date -d {} +%s",
+                returnStdout: true
+            ).trim()
+
+            if (expiryUnix.isNumber()) {
+                def nowUnix = sh(script: "date +%s", returnStdout: true).trim().toLong()
+                daysLeft = (expiryUnix.toLong() - nowUnix) / (60 * 60 * 24)
+            }
+        }
+
+        // Lista oczekiwanych domen
+        def expectedDomains = [name]
+        for (int i = 2; i < domain.size(); i++) {
+            expectedDomains.add("${domain[i]}.${name}")
+        }
+
+        // Czy trzeba odnowić certyfikat?
+        def needsRenewal = force ||
+                           !fileExists(fileName) ||
+                           currentDomains.size() != expectedDomains.size() ||
+                           !currentDomains.containsAll(expectedDomains) ||
+                           (daysLeft != null && daysLeft < 30)
+
+        if (needsRenewal) {
+            echo "Certificate for '${name}' needs renewal (force: ${force}, missing domains: ${expectedDomains - currentDomains}, expires in: ${daysLeft ?: 'unknown'} days)"
+            toCreateDomains.add(domain)
+        } else {
+            echo "Certificate for '${name}' is OK (expires in ${daysLeft} days)"
+        }
+    }
+
+    echo "Certificates to create/renew: ${toCreateDomains.collect { it[1] }}"
+
+    if (toCreateDomains.isEmpty()) {
+        echo "All certificates are up to date. Nothing to create/renew."
+        return
+    }
+
+    def lets_encrypt = "docker compose --file lets-encrypt.yml --env-file lets.env "
+
+    dir("/_programs_/${repo}/deploy-this/lets-encrypt") {
+        for (domain in toCreateDomains) {
+            def name = domain[1]
+
+            def run = " run --rm certbot certonly" +
+                      " --webroot -w /var/www/certbot" +
+                      " --cert-name='${name}'" +
+                      " --non-interactive --agree-tos" +
+                      " --preferred-challenges http" +
+                      " --email ${LETSENCRYPT_EMAIL ?: 'kusartur@gmail.com'}" +
+                      " -d ${name}"
+
+            for (int i = 2; i < domain.size(); i++) {
+                run += " -d ${domain[i]}.${name}"
+            }
+
+            sh(lets_encrypt + run)
+        }
+    }
+}
+
+
+def createCertOld(domains, repo) {
     echo "Server ENV = ${SERVER_ENV}"
     echo "Cerbot image = ${CERTBOT_IMAGE}"
 
@@ -76,7 +166,7 @@ def createCert(domains, repo) {
     }
 }
 
-def createCertOld(domains, repo){
+def createCertOlder(domains, repo){
 
 	echo "Server ENV = ${SERVER_ENV}"
     echo "Cerbot image = ${CERTBOT_IMAGE} "