Renew SSL Certificate

Renewing an SSL certificate is relatively simple. Many web hosts and registrars go as far as to automate the process, so you don’t have to lift a finger. However, if your host doesn’t offer automatic renewals for some reason, knowing how to renew a certificate manually can come in handy.

In this article, we’ll go over the reasons why renewing your certificate is important. Then we’ll teach you how to do it.

Key Steps to Renew Your SSL Certificate

Why you need to renew your SSL certificate

If you’ve ever set up an SSL certificate, you might have received an email similar to the following:

An SSL renewal notice.

Again, many popular hosts automate renewals so that you don’t have to deal with these emails (and renewals in general). If that’s the case for your host, this post probably isn’t for you! 🙂

Some certificates last for up to 398 days, whereas others have expiry dates as low as 90 days (we’re looking at you Let’s Encrypt). For many, these expiration dates can be a hassle. However, there are two reasons why limited-length certificates are necessary:

  1. Renewing your certificate validates your website’s identity.
  2. It makes sure the encryption you use is up to date, which keeps user’s data secure during transit.

At one point, it was common for SSL certificates to last up to five years. It was a convenient approach, but not optimal from a security standpoint. As of September 2020, the issuing period is roughly 13 months, which was a reduction on the previously reduced standard of about two years.

Even so, 13 months seems like a long time in comparison with Let’s Encrypt’s current standards. One reason the certificate authority argues that shorter validity periods are necessary is to encourage automation.

A lot of web hosts and certificate authorities will enable you to automate the renewal process. It should arguably become the new standard, so we get to enjoy the security benefit of short certificate validity periods without having to process renewals manually.

In many cases, website owners forget about SSL renewal altogether, which can lead to warning messages:

An expired SSL certificate warning.

As such, if you don’t have the option to automate the process, you’ll want to know how to renew your SSL certificate manually.

How to renew SSL certificate (in 4 simple steps)

The process for renewing your SSL certificate may vary a bit depending on what web host or certificate authority you’re using. Even so, the big picture remains the same. You’ll need to generate a certificate signing request (CSR), activate your certificate, and install it.

For illustration purposes, we’ll show you how to renew an SSL certificate on Namecheap. However, any similar cPanel backend will have the same basic steps to renew your SSL certificate.

Step #1: Generate a new CSR

The first thing you need to do is generate a CSR from your web host, which validates your server’s identity. If your hosting provider uses cPanel, you can do this by navigating to the Security tab and looking for the SSL/TLS option:

Accessing your SSL configuration options from cPanel.

On the next screen, go for the link under Certificate Signing Requests (CSR):

Processing a new CSR.

From this section, you can generate a new CSR for any of your existing domains:

Generating a new CSR.

Do note that you’ll need to provide contact information to validate domain ownership. Once you fill out every field, your host will provide you with a CSR code, which looks like this:

An example of a CSR code to help you renew your SSL certificate

Keep this code handy because you’ll need it to re-activate your certificate.

Step #2: Activate SSL certificate

Once you access your Namecheap dashboard, you’ll see an overview of all your products, including domains and SSL certificates.

If there are any certificates about to expired (or already past the due date), you’ll see an Activate option:

Activating an SSL certificate.

Clicking on this button will initiate the SSL renewal process. First off, you’ll need to enter the CSR you generated a minute ago:

Entering your CSR.

Next you’ll get a chance to confirm if the renewal information is correct:

Confirming your domain information.

If everything looks good, you can proceed to the SSL renewal validation process.

Step #3: Validate SSL certificate

For your certificate to become valid again, you need to (once more) confirm ownership of the domain you’re using. There are three ways you can do this:

  1. Email validation. You can renew your SSL certificate using an email associated with the domain in question.
  2. HTTP validation. This validation process involves uploading a file to the server you want to install the certificate on.
  3. DNS validation. Using CNAME records, you can validate your SSL certificate.

The most straightforward approach is email validation. If you have an email address associated with your domain (i.e., go ahead and enter it now:

Selecting email validation to renew SSL certificate

Now, you should get a validation email within a few minutes. Click on the link inside that email, and you’ll get a second message, including your new certificate files (in .crt format).

Step #4: Install new SSL certificate

Namecheap asks you to contact the Namecheap support team so they can install the renewed files for you. However, this isn’t set in stone across the board, so check your host’s documentation for the optimal approach.

For other web hosts, you can do this process manually. If you have access to cPanel, you can access the SSL/TLS section (as we did during step one) and look for the option that reads Manage SSL sites:

Managing your SSL certificates.

Inside, you’ll see a list of all your domains and to the right, the option to update each one’s certificate:

Updating your domain's certificates.

On the next screen, use the Autofill by Domain option to fill out the Private Key (KEY) field and enter the contents of your .crt file under Certificate:

Installing your renewed SSL certificate.

Now click the Install Certificate button and you’re good to go. If you’re lucky, that’ll be the last time you have to renew your SSL certificate by hand!


HTTPS is a must for modern websites. Not using the protocol can impact your search engine optimization (SEO) and put your users’ data at risk. What’s more, obtaining and installing an SSL certificate is simple (and it can also be cheap), so there’s no excuse not to do it.

However, when the time comes, you’ll need to renew your SSL certificate if your host hasn’t set up automated renewals for you. Here’s how to do it:

  1. Generate a new CSR.
  2. Activate your SSL certificate.
  3. Validate your SSL renewal.
  4. Install and renew your SSL certificate.
Installing an SSL certificate and using HTTPS is a great start for securing your WordPress website. But there are also lots of other ways to improve security – check out these 10 WordPress security tips to keep your site safe and consider periodically performing a website a security audit.

Do you have any questions about how to renew SSL certificates? Let’s go over them in the comments section below!

Free guide

4 Essential Steps to Speed Up
Your WordPress Website

Follow the simple steps in our 4-part mini series
and reduce your loading times by 50-80%. 🚀

Free Access

Inline Feedbacks
View all comments

Or start the conversation in our Facebook group for WordPress professionals. Find answers, share tips, and get help from other WordPress experts. Join now (it’s free)!