diff --git a/CHANGELOG.md b/CHANGELOG.md
index bcdbe3b..95e1fb7 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,6 @@
 # ChangeLog
 
-## [Unreleased]
+## [1.1.1] - 2024-07-17
 ### Changed
 - case-insensitive parsing of location HTTP header field (#4)
 - wait in several attempts for successful challenge validation instead of
@@ -14,6 +14,7 @@
   - Let's Encrypt may send emails to you about the client software accessing
     them. For example they informed about clients still using ACMEv1
     (not bacme). In such emails the user agent is mentioned.
+- fixed bug when retrieving the challenge URL and token
 
 
 ## [1.1.0] 2020-02-02
diff --git a/bacme b/bacme
index 1341feb..c9ea0d8 100755
--- a/bacme
+++ b/bacme
@@ -318,9 +318,9 @@ do
 	log " for ${DOMAINS[$i]}"
 	debug "  authorization_url=${AUTHORIZATION_URLS[$i]}"
 	RESPONSE="$(api_request "${AUTHORIZATION_URLS[$i]}" "")"
-	CHALLENGE_URLS[$i]="$(echo "${RESPONSE}" | flatstring | sed 's/^.*"type": "http-01", "status": "pending", "url": "\([^"]*\)", "token": "\([^"]*\)".*$/\1/')"
+	CHALLENGE_URLS[$i]="$(echo "${RESPONSE}" | flatstring | sed 's/^.*"type": "http-01"[^{}]*"url": "\([^"]*\)".*$/\1/')"
 	debug "  challenge_url=${CHALLENGE_URLS[$i]}"
-	CHALLENGE_TOKENS[$i]="$(echo "${RESPONSE}" | flatstring | sed 's/^.*"type": "http-01", "status": "pending", "url": "\([^"]*\)", "token": "\([^"]*\)".*$/\2/')"
+	CHALLENGE_TOKENS[$i]="$(echo "${RESPONSE}" | flatstring | sed 's/^.*"type": "http-01"[^{}]*"token": "\([^"]*\)".*$/\1/')"
 	debug "  challenge_token=${CHALLENGE_TOKENS[$i]}"
 	KEYAUTHS[$i]="${CHALLENGE_TOKENS[$i]}.${JWK_THUMBPRINT}"
 	debug "  keyauth=${KEYAUTHS[$i]}"