1and1 response to query to allow LetsEncrypt Certs

Continuing the discussion from Manual install fail through httpsforfree-gh on verifying ownership:

From the above discussion.

I received a reply from 1and1. See below.
My domain name is registered through Godaddy and I host on 1and1.

Now that I have my certificates is moving my hosting the only option I have if I want to use LetsEncrypt’s certs? Which I do as I don’t feel anyone should have to pay for something that’s become necessary in the world of google and is a good thing in general.

Thanks all, for the help and for doing all of this in general.

Dear Tomás Hradcky (Customer ID: --------),

Thank you for contacting us.

Please be informed that 1&1 SSL cannot be used with domain names that have modified DNS settings and/or a domain name registered/hosted with 1&1 using an external SSL. If you would like to apply an SSL certificate to a domain with modified name server or IP Address (A-Record) settings, please reset them to the default servers. This can be done from the 1&1 Control Panel. On the other hand, there is no option for domain names hosted with 1&1 to use an external SSL. However, if you wish, you can purchase your SSL Certificate here in 1&1. We are hoping for your consideration and understanding. We thank you for being a long time 1&1 customer.
If you have any further questions, do not hesitate to contact us.

Renan Joshua Jamola
Technical Support
1&1 Internet Inc.

well the first part of the Email can be ignored since it's not about using their certs with other servers, the main point of the email is seen here:

So in other words, "buy our certs or forget HTTPS".


Thank you. It’s what I thought.

1 Like

It’s sad. Such a blatant disregard for the needs of the customer:-( If they at least had a competitive offering, but this is just plain arrogance. Their “service” is a parody.

As a side note, why not move to AWS? You would have all the freedom to do whatever you wanted, and it might be a lot less expensive (all things considered).

Letsencrypt has considerably changed the economics of running web services.

We have a series of tutorials on now to set up your web server on AWS, for example:
A Web Server in the Cloud: How to Set up a Website from Scratch on a Domain of your Choice

How to Migrate Your Web Services from Any Hosting Provider to a Shiny New EC2 Instance on AWS with WordPress as an Example

and many others (also on Letsencrypt). It’s not as hard as it looks, and if you are into Letsencrypt, it’s certainly worth considering.

1 Like

If you are looking for an alternative, I highly recommend WebFaction! They don’t have automated certs, but they do allow you to generate and submit a support request to get them installed for free. I maintain a tool to make this process a bit easier: https://github.com/will-in-wi/letsencrypt-webfaction

Less expensive and less work than EC2, methinks, at least for workload that would presently be on 1&1.

1 Like

1and1 is now offering free SSL certs from Symantec for all hosting accounts through their DNS. I assume they will still not work with Let’s Encrypt…



lol but no matter who they get the certs from, it’s nice that they have free certs by now.

This thread is coming up as the top search result in Google for “lets encrypt 1and1” but the info is little old now. Earlier this month (July 2017), 1and1 added instructions for how to use Let’s Encrypt on their Cloud servers. They have instructions for doing it via Plesk or the git client in Linux:


Thanks for the update. Fantastic news!

Don’t get too excited - this “free” offer is only good for one domain per account. So if you have more than 1 domain on a hosting account you are out of luck for the other domains on that account.

For webpacks, you’re even out of luck if you have several subdomains: the cert you get for free is the one they call ‘1&1 SSL Starter’, and it does not support subdomain wildcards.

I don’t like the fact that 1&1 can dictate whether I use an external SSL certificate provider or not

Hi @gavmccloy,

All shared web hosts can inherently do this, and even some that provide unlimited free certificates might not allow customers to import certificates from elsewhere. A limitation of shared hosting is that the host must configure and maintain the HTTPS service for all customers. Unfortunately, I don’t think we’re ever going to find a technical fix for this.