diff --git a/app/Console/Commands/WizardDomains.php b/app/Console/Commands/WizardDomains.php
index b543781..76a7048 100644
--- a/app/Console/Commands/WizardDomains.php
+++ b/app/Console/Commands/WizardDomains.php
@@ -67,8 +67,12 @@ class WizardDomains extends Command
             $ssl ? 1 : 0,
         ));
 
-        $helperOk   = $out !== null && !str_contains((string) $out, '[x]');
-        $outStr     = (string) $out;
+        $outStr   = (string) $out;
+        $helperOk = $out !== null
+            && !str_contains($outStr, '[x]')
+            && !str_contains($outStr, 'command not found')
+            && !str_contains($outStr, 'No such file')
+            && trim($outStr) !== '';
 
         foreach (['ui', 'mail', 'webmail'] as $key) {
             $status = file_get_contents(self::STATE_DIR . "/{$key}");
@@ -85,9 +89,8 @@ class WizardDomains extends Command
         file_put_contents(self::STATE_DIR . '/done', $helperOk ? '1' : '0');
         Setting::set('ssl_configured', $helperOk ? '1' : '0');
 
-        if ($helperOk && $ssl) {
-            $this->updateEnv(base_path('.env'), 'SESSION_SECURE_COOKIE', 'true');
-        }
+        // SESSION_SECURE_COOKIE wird nicht automatisch gesetzt —
+        // nginx leitet HTTP→HTTPS weiter, Secure-Flag wird im Admin gesetzt
 
         return self::SUCCESS;
     }
diff --git a/app/Livewire/Setup/Wizard.php b/app/Livewire/Setup/Wizard.php
index 7424d69..94db3ab 100644
--- a/app/Livewire/Setup/Wizard.php
+++ b/app/Livewire/Setup/Wizard.php
@@ -181,6 +181,12 @@ class Wizard extends Component
         $done = @file_get_contents(self::STATE_DIR . '/done');
         if ($done !== false) {
             $this->setupDone = true;
+
+            // Bei erfolgreichem SSL sofort auf HTTPS weiterleiten,
+            // damit Livewire nicht mehr über HTTP pollt
+            if (trim($done) === '1' && $this->ui_domain) {
+                $this->redirect('https://' . $this->ui_domain . '/setup', navigate: false);
+            }
         }
     }