What to Do If A Current SSL Certificate Expired
Don't panic, but don't sit around and wait, either.
It is commonplace now for websites to use security certificates even if they don't handle sensitive and confidential information. SSL certificates are being widely used because they can increase a website's trustworthiness in the eyes of the viewers, especially since they give websites the gold or green padlock which indicates security. Furthermore, even search engines rank secure websites higher than those without an SSL certification.
However, all SSL certificates come with an expiration date. Some free SSL certificates last 30 to 90 days. And paid SSL certificates can be purchased for up to three years. Regardless of the duration, they all expire eventually.
What happens when the SSL certificate expires? How to renew security certificate that expired? Read on to get answers to all these questions and more!
What happens when my SSL certificate expires?
Users will generally start getting renewal notifications about 60 days before the expiry of the SSL certificate. However, if you don't get the emails and your SSL certificate expires, you will lose the padlock sign from your website and your Google Chrome might start flashing the “Not Secure” sign next to the address bar.
Why SSL Certificate Expires
All SSL certificates are hard-coded with an expiration date. That's why it's impossible to extend the dates on an existing SSL certificate. As such, when people say “renew” SSL, they really just mean buy a new SSL certificate but for the same domain or website and using the same account details. Once the expiration period is up, it's necessary to “renew” the certificate by getting a new one and installing it.
How to Renew Security Certificate that Expired?
- Generate a new CSR (Certificate Signing Request). This only has to be done if you use a Windows, Tomcat, or Java-based server, or if you have changed your business details since previous SSL purchase. For Apache servers, generation of CSR is not necessary.
- Go to your existing account and select the Renew SSL link.
- From the products page, select the SSL certificate you want to renew.
- If you don't get the Renew page, you can simply select the necessary product and then sign into your account when asked to generate CSR. (If you purchased the SSL certificate from a reseller, contact that specific reseller.)
- Once your renewal request is approved, the certificate will be sent to your email address.
- Install your renewed certificate and verify it. You should do this before you uninstall the previous certificate. That will ensure that your site is never left without security.
- Create a backup of the old certificate (in case something goes wrong) and uninstall it from your website.
The process shouldn't take too long. Domain Validated Certificates can be renewed within a few minutes. Organization Validation and Extended Validation Certificates may take one or two days for renewal.