I received a reply from 1and1. See below.
My domain name is registered through Godaddy and I host on 1and1.
Now that I have my certificates is moving my hosting the only option I have if I want to use LetsEncrypt’s certs? Which I do as I don’t feel anyone should have to pay for something that’s become necessary in the world of google and is a good thing in general.
Thanks all, for the help and for doing all of this in general.
Dear Tomás Hradcky (Customer ID: --------),
Thank you for contacting us.
Please be informed that 1&1 SSL cannot be used with domain names that have modified DNS settings and/or a domain name registered/hosted with 1&1 using an external SSL. If you would like to apply an SSL certificate to a domain with modified name server or IP Address (A-Record) settings, please reset them to the default servers. This can be done from the 1&1 Control Panel. On the other hand, there is no option for domain names hosted with 1&1 to use an external SSL. However, if you wish, you can purchase your SSL Certificate here in 1&1. We are hoping for your consideration and understanding. We thank you for being a long time 1&1 customer.
If you have any further questions, do not hesitate to contact us.
Renan Joshua Jamola
1&1 Internet Inc.
If you are looking for an alternative, I highly recommend WebFaction! They don’t have automated certs, but they do allow you to generate and submit a support request to get them installed for free. I maintain a tool to make this process a bit easier: https://github.com/will-in-wi/letsencrypt-webfaction
Less expensive and less work than EC2, methinks, at least for workload that would presently be on 1&1.
This thread is coming up as the top search result in Google for “lets encrypt 1and1” but the info is little old now. Earlier this month (July 2017), 1and1 added instructions for how to use Let’s Encrypt on their Cloud servers. They have instructions for doing it via Plesk or the git client in Linux:
All shared web hosts can inherently do this, and even some that provide unlimited free certificates might not allow customers to import certificates from elsewhere. A limitation of shared hosting is that the host must configure and maintain the HTTPS service for all customers. Unfortunately, I don’t think we’re ever going to find a technical fix for this.