diff --git a/2.Common_services/7.letsencrypt/0_setup.sh b/2.Common_services/7.letsencrypt/0_setup.sh
index 4c50cee81f8b6b16043d7e0fe5840cf93f3cb6d5..46b51ba1a23ef01efa878222dd92072ef67668c8 100644
--- a/2.Common_services/7.letsencrypt/0_setup.sh
+++ b/2.Common_services/7.letsencrypt/0_setup.sh
@@ -15,6 +15,7 @@
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
+set -ve
 trap "cp /tmp/{mediaserver-msuser.conf,skyreach.conf,msmonitor.conf} /etc/nginx/sites-available/; nginx -t && service nginx reload; exit 255" ERR
 source /root/envsetup/global-conf.sh
 LE_DIR="/etc/letsencrypt/live/"
@@ -33,6 +34,8 @@ cp mediaserver-msuser.conf skyreach.conf msmonitor.conf /tmp/
 
 # PREPARE LETSENCRYPT REQUEST STRING
 # ALTER NGINX CONF TO ACCEPT CLEAR HTTP
+# (DEACTIVATE errexit BECAUSE USING FAILING COMMANDS)
+set +e
 DOMAIN_STRING="${MS_SERVER_NAME}" && \
 	sed -i s/rewrite/#rewrite/ mediaserver-msuser.conf
 [ -n "${CM_SERVER_NAME}" ] && \
@@ -52,13 +55,13 @@ certbot certonly \
 	--webroot --webroot-path /tmp/letsencrypt \
 	--domains "${DOMAIN_STRING}" \
 	--email "${EMAIL_ADMINS}" \
-	--rsa-key-size 4096	
-
+	--rsa-key-size 4096
 
 # RE-REDIRECT HTTP to HTTPS
 sed -i s/#rewrite/rewrite/ mediaserver-msuser.conf skyreach.conf msmonitor.conf
 
 # CHECK CERTS PRESENCE & EDIT NGINX CONFIG
+# (DEACTIVATE errexit BECAUSE USING FAILING COMMANDS)
 set +e
 [ -f ${LE_DIR}/${MS_SERVER_NAME}/fullchain.pem ] && \
 	sed -i s/#ssl_certificate/ssl_certificate/g mediaserver-msuser.conf
@@ -73,4 +76,4 @@ set +e
 nginx -t && \
 	service nginx reload
 rm /tmp/{mediaserver-msuser.conf,skyreach.conf,msmonitor.conf}
-cd -
\ No newline at end of file
+cd -