If your SSL certificate expires, then users will see a warning message in their browsers telling them that your site may be unsafe. This is bad for your site’s user experience and search engine rankings.
That’s why we recommend always having an up-to-date SSL certificate on your website.
And luckily, renewing an SSL certificate is easier than you might think. We’ve guided a lot of WordPress users through the SSL renewal process, and we are here to share our expert advice.
In this article, we will provide step-by-step instructions on how to renew an SSL certificate.
What Is an SSL Certificate, and Why Should You Renew It?
An SSL certificate acts like a digital passport for your website. It verifies the identity of your website and creates a secure connection between your web server and a user’s browser.
This encrypted connection makes sure that any data exchanged between the website and the user, such as login credentials or credit card information, stays confidential and secure.
Most SSL certificates expire after 1 or 2 years, depending on the type of certificate you are using and your certificate authority (CA). Some certificates lapse before that, like Let’s Encrypt, which expires after 90 days.
If you don’t renew your certificates, then users will see a security warning on their web browsers when they visit your site.
This could scare users away from your website, showing that it might not be safe to visit. As a result, your website traffic will decrease.
It will also negatively impact your WordPress SEO, as sites that have HTTPS have an advantage in search engine rankings over HTTP sites.
That’s why it’s best to renew your SSL certificate to keep your site secure and your visitors happy.
That said, let’s look at how you can renew a certificate for your WordPress site. We will show you 2 methods, and you can use the links below to jump to the method you want to use:
Expert Tip: Are you tired of constant WordPress maintenance tasks like renewing your SSL certificate, updating WordPress core, and making backups? Our WPBeginner Maintenance and Support Services are here to help!
Our expert team can constantly monitor your website and make sure that it’s up-to-date, working well, and secure. We also offer on-demand WordPress support for one-time issues on your website.
Method 1: Automatically Renew SSL Certificate From Hosting Provider
Most WordPress hosting providers offer a free SSL certificate when you purchase domain hosting. They’re usually automatically renewed when the time comes, and you’re also notified via email.
However, you can also manually renew them from your hosting service’s control panel.
For instance, in Bluehost, you can head to the ‘Renewal Center’ from the menu on the left.
After that, you can select the SSL certificate for your website.
Then, simply click the ‘Renew Now’ button to continue.
Next, complete the checkout process and renew your SSL certificate. You can also choose to renew it for more than one year.
Depending on your hosting provider, you can also renew SSL for your domain or set up auto-renewal.
Method 2: Manually Renew SSL Certificate for Your WordPress Site
You can also manually renew your SSL certificates and replace them when they expire.
The exact steps will vary depending on your SSL certificate provider, so it’s a good idea to check your provider’s documentation or contact support if needed.
We will go over the steps to renew your SSL certificate with Bluehost, but the general process should be the same regardless of which web hosting company you currently use.
Step 1: Generating a New Certificate Signing Request (CSR)
To get started, log in to your hosting provider.
From here, you can click on the ‘Settings’ option beneath your website.
After that, you can switch to the ‘Advanced’ tab and scroll down to the ‘cPanel’ section.
The cPanel is a place where you can manage your website and server settings, such as managing domain names, creating email accounts, and even manually renewing your SSL certificate.
Go ahead and click the ‘Manage’ button in the cPanel section.
Once you land in cPanel, you can head over to the Security section.
From here, look for the ‘SSL/TLS’ option and click on it.
On the next screen, you’ll need to click the link under ‘Certificate Signing Requests (CSR).’
A Certificate Signing Request (CSR) is a cryptographic file generated by a server or device that is used to apply for an SSL/TLS certificate.
When applying for an SSL/TLS certificate, the CSR is submitted to a Certificate Authority (CA), which verifies the information provided and issues the SSL certificate if the request is approved.
Here, you’ll be asked to enter the following information:
- Domain(s)
- City
- State
- Country
- Company
It’s also helpful to provide the email where you can be contacted for verification of domain ownership. You can even provide a passphrase, which is used to confirm the identity of the website owner.
Once the required fields are completed, click ‘Generate.’
You should see a success message that says that you’ve generated the Certificate Signing Request.
Below that, you should see a CSR, which is an encrypted block of text that includes information about your site that the CA needs to issue your new SSL certificate.
Make sure to copy this code and keep it handy because you’ll need it to renew your certificate.
Below that, you’ll also see a decoded version of the CSR that details information such as your domain name, organization name, and geographic location.
Step 2: Send Certificate Signing Request to Certificate Authority
Now that you’ve generated a Certificate Signing Request (CSR), the next step is to send it to your Certificate Authority (CA) to purchase the certificate.
Ensure that you send the ‘Encoded Certificate Signing Request’ to the authority of your choice.
There are many popular SSL certification authorities. Some of these include Let’s Encrypt, Google Trust Services, Sectigo, GeoTrust, DigiCert, and more.
You can now follow the steps and provide all the information requested by the CA to renew your SSL certificate.
Step 3: Complete SSL Certificate Validation
For your SSL certificate to be renewed and valid again, the CA will ask to confirm ownership of your domain.
The certificate authority can confirm your domain identity in multiple ways. The most common way is through email, where you can enter the email address associated with your domain.
Other ways might include DNS validation, which requires CNAME records. Or HTTP validation, where you’ll need to upload a file to the server you want to install SSL on.
Once the validation process is finalized and the certificate is renewed, you’ll get a file that will have a .crt
extension (also called CRT file).
Step 4: Upload and Install New SSL Certificate
Next, you can upload and install the new SSL certificate on your website using cPanel.
For instance, in Bluehost, you’ll need to head to cPanel and go to the ‘SSL/TLS’ section.
From the panel on the right, navigate to the Certificates (CRT) section.
Now, click the ‘Generate, view, upload, or delete SSL certificates’ option.
Next, you can paste the certificate code in the text box or upload the CRT file that you received from the certificate authority.
There is also an option to add a description for your SSL certificate. Once that’s done, simply click the ‘Upload Certificate’ button.
Once it’s uploaded, you should see it under the Certificates in the Server section.
From here, simply click the ‘Install’ link for the SSL certificate you just uploaded.
Your new SSL certificate should now be active on your site after the installation process.
To check if it is working properly, you can visit multiple pages on your site and see if they have HTTPS in the URL.
We hope this article helped you learn how to renew an SSL certificate for your WordPress site. You may also want to see our ultimate WordPress security guide and our showcase of the best WordPress security plugins to protect your site.
If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.
Samuel
It is good to know that SSL certificate can be installed manually which I have no reason to it manually. My hosting provider always provide me free ssl in lets’ encrypt. Thanks for this knowledge.
Jiří Vaněk
Thank you for the clear explanation of how to manually renew a certificate. I have my own server where I host my website, and I currently use Certbot for SSL. It not only generated the certificate for me but also automatically renews it every three months. However, it’s crucial for me to know other methods as well since I manage both the website and server myself. Every bit of additional knowledge like this is incredibly valuable to me.
kzain
I was worried about my site’s security expiring, but this tutorial made the process a breeze. I appreciate the clear steps and the explanation of why renewing an SSL certificate is crucial for website security. Your tip on using a wildcard SSL certificate for multiple subdomains is particularly valuable – it’s saved me a lot of hassle. Thanks for helping me keep my site secure and trustworthy for my visitors. Your tutorials are always so concise and easy to follow, WPBeginner – you’re a lifesaver!
Carlie
Hi,
Thanks for this informative article. I had no idea about SSL certificates until now!
You said in your article about purchasing an SSL certificate, but not how much it costs. Also, as a complete novice in these things, how do I find out who my CA is, please, and how do I go about getting in touch with them? Finally, you mention about setting an auto-renewal – how do I go about it, please? I’m using Astra and Woo Commerce on my site.
Thanks in advance.
WPBeginner Support
For most users it would be their hosting provider to be the one to go through for your current certificate and information so you would want to contact your host
Admin
Moinuddin Waheed
This is very common problem for new installations specially with the hosting providers which doesn’t give free ssl certificates.
I think one of the considerations while making a hosting purchase is to check whether hosting provider gives the free ssl certificate or not.
I have seen GoDaddy shared plan users find it very difficult to install ssl certificate.
This guide will definitely help in making the necessary work in ssl/tls inside the file manager.
Mrteesurez
Thanks for sharing this helpful information! Setting up auto-renewal for SSL is definitely the way to go. Not only does it save time and hassle, but it also ensures that your website remains secure without any interruptions. I’ve found that auto-renewal gives peace of mind, knowing that my site’s security is consistently maintained without needing manual intervention.