added workarounds for windows cert .nokey failure & moved the domain name injection to the build stage