[Testing Request] https://gethttpsforfree.com


#1

Howdy all, I’ve made a barebones ACME client website.

https://gethttpsforfree.com

Would love for people to test it and report bugs. It’s very ugly, but it should work. It works by making ajax requests to the Let’s Encrypt API and printing some copy/paste commands you need to run in order to sign and pass the ACME challenges. This website never knows or asks for your private keys :smile:

Anyway, would love feedback and for people to test it! It’s open source, so pull requests welcome!


#2

Oh great. I’ll try this later.

By the way you should extend your “dont trust sites that ask for private key” warning to cover also sites that just generate your private key, because more sites do just that.


#3

Just tested it out on one of my domains. Works fantastically! Thanks for making this!


#4

You should pimp it up with Bootstrap. Would you mind if I made a pull request ?


#5

@NurdTurd

this should answer your question.


#6

Awesome! I’ll get started in a bit!


#7

a web version of https://github.com/diafygi/letsencrypt-nosudo ? :smiley:
excellent, more choices


#8

Pull requests are welcome, but in order to facilitate easy auditing, only CSS is allowed for ui purposes. Please read the end of the readme, thanks!


#9

Yep, wrote that one, too :slight_smile:


#10

what can CSS do ASIDE from the UI? it’s stylesheets…
by the way I already have a key since I used LE beforem any Idea how to convert that hson style key into the normal format?


#11

Sorry, I meant that javascript should not be added for UI purposes (since it would complicate auditing the javascript).

Also, for JWK to PEM, check out what this node.js library does: https://github.com/Brightspace/node-jwk-to-pem/blob/master/src/rsa.js#L25


#12

well we could use bootstrap without js I have done that one long enough, especially since I am not a fan of js because sites that rely too heavily on it dont work properly until all js finished loading and if the loading fails it gets even more annoying, but well this site is essentially a site that runs local from the start so that’s that.
also any Idea how I use that lib? I dont have much experience with js since I didnt really like it for reasons explained above.


#13

well I have some small problems.

first: the signatures in step 3 should ignore spaces and stuff because that makes copying pretty annyoing in pre-win10 command line.

second.instead of setting a variable in step 3 can you not just append the key loaction to each request, makes it more cross compatible because these variables are in windows enclosed with % on start and end.

I get stuck on step 3 with
Error:
Account registration failed. Please start back at Step 1.
{“type”:“urn:acme:error:malformed”,“detail”:“JWS verification
error”,“status”:400}


#14

Is https://gethttpsforfree.com/ site currently broken? When I validate my CSR, Step 3: Sign API Requests removes (waiting…) message, but doesn’t give me anything to further input.
Thank you!

I originally posted this on My Let's Encrypt Tutorial using GetHTTPSForFree.com - but thought this is a more appropriate place to post.

Newbie - jly


#15

bump. Please, anyone?


#16

Once you hit “Validate CSR”, something like “Found domains! Proceed to Step 3! (example.com)” should appear next to the button. Does that happen for you? (It seems to work for me.)

If that doesn’t work: Can you check if the site is running into any JavaScript errors? The easiest way to do this in Chrome and Firefox is to right-click the page and click “Inspect element”, and then open the “Console” task. Then, reload the page and repeat the steps. If you get any errors, paste them here and we’ll see what’s happening.


#17

Have you tried to contact the author directly? It’s summer after all, even though weather does not always seem to agree, so he might be on holidays :speedboat: :sunny: Maybe open an issue on github too if you are sure that something is wrong. If nothing helps, you still have a list of alternative clients to try.


#18

I was using IE11, but got the latest Firefox and breezed through to step 4. I ran the signature command in my terminal and got a reply (stdin)…
Ran the signature command in my terminal without problem. Now I’m stuck on hosting the file to my server. I get result: Permission denied (publickey).

Your kind advise is greatly appreciated.

  • Jonna
    p.s. need to use the file based not python :slight_smile:

#19

The “How to host this file on your server” section basically just contains a suggestion on how you could do this. The goal is to get files in a directory where they are served when you access your site via HTTP. The guide suggests using SSH, but that’s not the only way to do this, and it might not be available with your web hosting plan. Using FTP or some kind of control panel where you can upload files would work as well.


#20

:blush: Thank you! I’ve been reading too much into the instructions and blindly following NurdTurd’s video without thinking about our input methods. I’ll WinSCP the files into my directory, AFTER I get some sleep.
I will update then.
pfg - you’re definitely in my LIKE list!