diff --git a/nixos/machines/driftwood/configuration.nix b/nixos/machines/driftwood/configuration.nix
index 61dafa0..a067117 100644
--- a/nixos/machines/driftwood/configuration.nix
+++ b/nixos/machines/driftwood/configuration.nix
@@ -33,9 +33,9 @@
       email = "admin@stranger.systems";
     };
     # Get a wildcard cert
-    certs."wildcard.stranger.systems" = {
-      domain = "stranger.systems";
-      extraDomainNames = ["*.stranger.systems"];
+    certs."tailnet.stranger.systems" = {
+      domain = "tailnet.stranger.systems";
+      extraDomainNames = ["*.tailnet.stranger.systems"];
       dnsProvider = "cloudflare";
       dnsPropagationCheck = true;
       credentialFiles = {
diff --git a/nixos/machines/driftwood/containers/hub.nix b/nixos/machines/driftwood/containers/hub.nix
index 98638cc..9f6314c 100644
--- a/nixos/machines/driftwood/containers/hub.nix
+++ b/nixos/machines/driftwood/containers/hub.nix
@@ -16,7 +16,7 @@
 
   services.nginx.virtualHosts."hub.tailnet.stranger.systems" = {
     forceSSL = true;
-    useACMEHost = "wildcard.stranger.systems";
+    useACMEHost = "tailnet.stranger.systems";
     locations."/" = {
       proxyPass = "http://127.0.0.1:8081";
     };