An overview of the Renewal process

Renewals are a regular part of the SSL/TLS lifecycle. You can renew your SSL certificate starting 90 days before its expiration. Despite what the name may suggest, renewing your SSL certificate is the same process you go through when you purchase an SSL Certificate for the first time. Time cannot be added on to your existing certificate.

The reason you have to renew is two-fold. Perhaps most importantly, shorter lifespans aid in the proliferation of new standards, algorithms and ciphers. Encryption is advancing every day. Changing out certificates regularly keeps your encryption up to date.

The second reason is that the CAs need to re-validate you once in a while so that you can maintain your trusted status.

How do I renew my SSL certificate?

You can only initiate the renewal process up to 90 days out from your certificate expiration date. If you wish to renew the certificate before then, you can always place a fresh order for the cert, but you will not be able to take advantage of any early renewal carrying over of time.

Renewing is easy and can be done any of these ways: 

  • By purchasing the same certificate as before and selecting "Renewal" during the Generation step
  • Following the prompts in reminder emails
  • Accessing the Expiring Orders page on your account Dashboard

From here you can view all of the certificates in your account that are coming up for renewal. Just click "View Detail" for your expiring order:

Scroll to the bottom of the next page and click the "Renew Now" button to begin the process.

Do I have to stick with the same certificate to renew?

No. You don’t. If you would like to upgrade or pick another certificate type, you can still renew. A word of caution though, if you plan on switching products, you will not be able to take advantage of any early renewal carrying over of time.

Do I lose time if I renew early?

No! As long as you’re renewing with the same brand/product that you purchased previously, all of the Certificate Authorities we carry will allow you to carry over up to 90 days on the lifespan of your new certificate.

Will I have to go through validation again?

When the CAB Forum reduced the maximum lifespan of an SSL certificate from three years to two, it also decided to cap the number of days a CA can re-use the same validation information at 825. If you had a one or two-year certificate, your CA can re-use your information (though you may need to update it if anything has changed with your website). However, if wait too long you’ll have to undergo validation once again.

Do I have to install the renewal certificate?

Yes. The CA will email you a brand new certificate file to replace the one that is expiring, so you will need to refer to your server/host's instructions and install the new SSL certificate on your website, or purchase our Installation Service along with the renewal to have our team of specialists take care of it for you.

How do I remember? sends its customers a series of emails at regular intervals to make sure they don’t forget. For information on managing your renewal e-mails through your account, please see our article on How to Manage Renewal Email Preferences.

If you have any further questions, or need help with your renewals, feel free to contact our Support Team 24/7/365.