diff --git a/@xen-orchestra/mixins/SslCertificate.mjs b/@xen-orchestra/mixins/SslCertificate.mjs
index 484067e29..dce92966e 100644
--- a/@xen-orchestra/mixins/SslCertificate.mjs
+++ b/@xen-orchestra/mixins/SslCertificate.mjs
@@ -57,18 +57,7 @@ class SslCertificate {
 this.#secureContext = createSecureContext({ cert, key })
 }

- async getSecureContext(httpsDomainName, config) {
- // something changed in configuration or there is a network misconfiguration
- // don't generate new let's encrypt challenges or invalid certificates
- if (config?.acmeDomain !== httpsDomainName) {
- warn(`certificates is configured for a domain, but receive http request from another`, {
- acmeDomain: config?.acmeDomain,
- httpsDomainName,
- })
- // fallback to self signed certificate to not lock user out
- return undefined
- }
-
+ async getSecureContext(config) {
 if (!this.#shouldBeRenewed) {
 return this.#secureContext
 }
@@ -185,20 +174,26 @@ export default class SslCertificates {
 const config = this.#app.config.get(['http', 'listen', configKey])
 const handlers = this.#handlers

+ const { acmeDomain } = config
+
 // not a let's encrypt protected end point, sommething changed in the configuration
- if (config.acmeDomain === undefined) {
- warn(`config don't have acmeDomain, mandatory for let's encrypt`, { config })
+ if (acmeDomain === undefined) {
 handlers.delete(configKey)
 return
 }

+ // server has been access with another domain, don't use the certificate
+ if (acmeDomain !== httpsDomainName) {
+ return
+ }
+
 let handler = handlers.get(configKey)
 if (handler === undefined) {
 // register the handler for this domain
 handler = new SslCertificate(this.#challengeHandlers, initialCert, initialKey)
 handlers.set(configKey, handler)
 }
- return handler.getSecureContext(httpsDomainName, config)
+ return handler.getSecureContext(config)
 }

 // middleware that will serve the http challenge to let's encrypt servers
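Review bot: `getSecureContext(config)` in `SslCertificate` (hunk `@@ -57,18 +57,7 @@`) no longer checks the requested name itself, and nothing at the method says that the caller must. The removed guard existed so that a request for another name would not lead to new Let's Encrypt challenges; that now depends entirely on the check added in the `SslCertificates` hunk, so the precondition is worth a comment above the signature, for example `// precondition: the caller has verified that the requested host name equals config.acmeDomain`. Dropping the first positional parameter is also not detected by JavaScript: a call site still passing `(httpsDomainName, config)` would bind the host name string to `config` without an error; the one caller in this diff is updated, other callers are not visible here. The method body continues outside the hunk.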
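Review bot: In the `@@ -185,20 +174,26 @@` hunk, the new `if (acmeDomain !== httpsDomainName) { return }` branch returns without a value and without any trace, and its comment does not say what the caller does next. The code this replaces documented that `undefined` means falling back to the self-signed certificate so the user is not locked out, and it logged both names; I would carry the explanation over, e.g. `// requested under another name: return undefined so the caller falls back to the self-signed certificate`. If the warning was dropped because `httpsDomainName` is presumably chosen by the client and was logged on every mismatching request, a lower-severity or once-per-name message would still let an operator diagnose a wrong `acmeDomain` or DNS setup. The comparison is an exact, case-sensitive string match, so a name differing only in case or a trailing dot also takes this fallback branch; that fails closed, but normalising both sides before comparing would avoid surprising fallbacks. The enclosing method starts outside the hunk.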
diff --git a/CHANGELOG.unreleased.md b/CHANGELOG.unreleased.md index d5f47de32..20a47d0c1 100644 --- a/CHANGELOG.unreleased.md +++ b/CHANGELOG.unreleased.md @@ -27,4 +27,6 @@ +- @xen-orchestra/mixins patch +