Manual install fail through httpsforfree-gh on verifying ownership

Manual install fail through httpsforfree-gh

On step 4: in ‘Option 2 - file-based’ I’ve received this error.

Error: Domain challenge failed. Please start back at Step 1. {“type”:“http-01”,“status”:“invalid”,“error”:{“type”:“urn:acme:error:unauthorized”,“detail”:“Error parsing key authorization file: Invalid key authorization: malformed token”},“uri”:“https://acme-v01.api.letsencrypt.org/acme/challenge/rh9LUAnBU8CpjQRmV6T1KUP9xhbHuWwcnWDBZJ_Bn90/16047515",“token”:“Q7mxfMYX7oCZDXLS1QiQVyVFBhk7fgPM_ZXODuDLLDQ”,“keyAuthorization”:“Q7mxfMYX7oCZDXLS1QiQVyVFBhk7fgPM_ZXODuDLLDQ.zmG1Mo4BYCNmvWPyzHMZmMJGbuHOa6SNeAip8v6gPHk”,“validationRecord”:[{“url”:“http://tomashradcky.com/.well-known/acme-challenge/Q7mxfMYX7oCZDXLS1QiQVyVFBhk7fgPM_ZXODuDLLDQ”,“hostname”:“tomashradcky.com”,“port”:“80”,“addressesResolved”:[“74.208.87.168”],“addressUsed”:"74.208.87.168”}]}

I’ve read about and changed permissions on both the /.well-known folder and the /acme-challenge folder to 755 for each. I copied the text from each given url to be the file names in the /acme-challenge folder.

I wasn’t exactly sure what the ‘Serve this content:’ meant and thought that this needed to be text in the actual file itself, so I pasted it in the file and then uploaded the files to my server. After clicking “I’m now serving this file” I received the above error.

Any help here would be much appreciated as it seems I am close (hopefully) to getting the certs manually as I haven’t yet wrestled down letsencrypt-auto.

I’m running Yosemite and am hosted at 1and1.

Thanks much.

You’ve created RTF files instead of plain text.

1 Like

Thank you, thank you. Just going to fast.
Will give it another shot today.

Much appreciated.

Make sure both that the files’ contents are plain text and not RTF, and that they don’t end in a .rtf extension.

1 Like

Yesterday I went through a manual install again and got as far as part 2 of the fourth section when it failed. The 0.4.0 LE client release, along with a revamped local setup, came to the rescue and now I have my certs.

From here my next battle begins as I am on 1and1 and they do not provide cpanel for my package nor do they let you get to their version of ssl setup without purchasing a certificate.

I have yet, after a fews days of searching here and elsewhere, to find a way to properly install my certs in any ‘manual’ way. I have ssh and stfp access to my roots and have seen a .htaccess located in /log/.htacess.

I’m sending an e-mail out today to both the tech and sever support at 1and1 and we’ll go from there.

Thanks so much, schoen & cool110, for the help so far.

And here are a couple of screen shots of my file structure.


I received a reply from 1and1. See below.
My domain name is registered through Godaddy and I host on 1and1.

Now that I have my certificates is moving my hosting the only option I have if I want to use LetsEncrypt’s certs? Which I do as I don’t feel anyone should have to pay for something that’s become necessary in the world of google and is a good thing in general.

Thanks all, for the help and for doing all of this in general.


Dear Tomás Hradcky (Customer ID: --------),

Thank you for contacting us.

Please be informed that 1&1 SSL cannot be used with domain names that have modified DNS settings and/or a domain name registered/hosted with 1&1 using an external SSL. If you would like to apply an SSL certificate to a domain with modified name server or IP Address (A-Record) settings, please reset them to the default servers. This can be done from the 1&1 Control Panel. On the other hand, there is no option for domain names hosted with 1&1 to use an external SSL. However, if you wish, you can purchase your SSL Certificate here in 1&1. We are hoping for your consideration and understanding. We thank you for being a long time 1&1 customer.
If you have any further questions, do not hesitate to contact us.

Sincerely,
Renan Joshua Jamola
Technical Support
1&1 Internet Inc.