There’s no excuse not to have an SSL on your website. Most web hosting providers offer free SSLs with their hosting packages meaning you can keep your website and your users safe. The only downside to an SSL certificate is that it doesn’t last forever, so you’ll need to know how to renew your SSL.
Thankfully, renewing an SSL certificate is a pretty painless process. Most web hosts will automatically do this for you, but if they don’t, it’s essential to understand how to renewal an SSL manually if you run into any trouble.
We’re going to discuss why renewing your SSL is important and how to actually go through the process. Remember, not having an SSL on your website could impact your SEO.
Table of Contents
Why Renewing Your SSL Is Important
SSL certificates, just like domains and hosting web hosting plans, expire after a certain amount of time. When they expire, you’ll need to renew your SSL certificate. The reasons for this are:
- Renewing your certificate confirms your website’s identity
- Ensures your site and visitors data is kept secure and encypted
When you login to your web host’s control panel, you’ll be able to locate your website’s security settings, thus find details of your SSL certificate. As can be seen above, when I login to my Bluehost dashboard, I can navigate to security and see that my Let’s Encrypt SSL certificate is on and active.
If you forget to renew your SSL certificate or your web host doesn’t automatically do this for you, your website won’t be protected by HTTPS. When a user tries to access your website, they’ll encounter a warning message to say that the connection isn’t private.
If a user tries to visit a website that isn’t secure, they’ll get a “Your connection is not private” warning message. You can see by the error code: NET_ERR_CERT_AUTHORITY_INVALID that the SSL certificate either doesn’t exist, or the validity of the certificate cannot be confirmed.
Step-by-step To Renewing Your SSL
Depending on the type of SSL certificate or web host you’re signed up to, the process may differ slightly. However, the general gist of renewing your SSL certificate is the same. To renew your SSL certificate you’ll need to generate a certificate signing request (CSR), activate your SSL licence, then install it on your website.
For the purpose of this guide, we’ll be showing you how to renew your SSL certificate with Bluehost. However, the process is generally the same across the board, as cPanel follows the same basic steps.
1. Generating A CSR
You’ll first need to generate a CSR from your web host. This validates your server’s identity. To do this, follow the steps below:
- Login to your Bluehost account
- On the left hand side select Advanced to access cPanel
- Scroll down to the Security section and select SSL/TLS
- Click the link that says CSR
- Generate a new CSR for your existing domains
- Copy the code provided by the system
2. Activate SSL
Bluehost automatically renew any SSL certificates, however, if your host doesn’t do this, you can manually update them by following these steps:
- Navigate to your SSL certificates
- Select the button that says Activate or Renew
- Enter the CSR code generated in step 1
- Confirm your details and renewal information is correct
3. Validate SSL
To ensure your certificate is valid, you’ll need to confirm ownership of your domain. Remember, if you don’t do this, your website users will encounter the error code we talked about earlier: NET_ERR_CERT_AUTHORITY_INVALID
You can validate your SSL via:
- Email validation
- HTTP validation
- DNS validation
4. Install SSL
Some web hosts may ask you to contact them so that they can install the renewed SSL files for you. Others like Bluehost allow you to manually do this via cPanel through the SSL/TLS section:
- Navigate to SSL/TLS under Security
- Select Manage SSL sites
- Select the SSL you wish to update and click Update Certificate
- Select Autofil by Domain which will fill out the Private Key field
- Enter the details of your .crt file under Certificate
- Click Install Certificate
What Is Let's Encrypt?
Let’s Encrypt was launched in 2016 offering free encrpytion for website owners. The idea behind the project was to be able to provide all website owners with SSLs so their websites were protected. Let’s Encrypt pride themselves on offering free and easy-to-install SSL certificates.
Encrypting website traffic and ensuring your website was protected by HTTPS used to be quite expensive. Small business owners would often face the decision whether to save money they don’t really have in order to look professional.
Why Should You Use It?
Considering there are paid SSL certificates that you can purchase for your website, why would you want to use Let’s Encrypt? Does it make it less secure because it’s free? Here is a list of reasons why you should use Let’s Encrypt to protect your website:
- It’s free
- The installation process is very simple
- Linux web servers can install Let’s Encrypt with shell access
- Many web hosting companies include it within their hosting plans and will automatically manage the renewal for you
- Let’s Encrypt is often automatically installed for you so your website is always protected with HTTPS
- It offers a secure connection between your web server and website visitors
- Plenty of documentation available
- Google Chrome are platinum sponsors of Let’s Encrypt
- Can protect multiple domain names using SAN certificates
- No downtime when issuing certificates
Why Shouldn't You Use It?
While Let’s Encrypt is free and easy to use, it doesn’t necessarily mean your website should choose it over another option. Let’s Encrypt is secure and free, but there are reasons against using it:
- Doesn’t offer Extended Domain Validation
- May place less trust in websites that don’t offer the green bar beside the URL
- Will need separate SSL certificates for multiple subdomains without Wildcard SSL
- 90-day lifetime
- Compatibility issues with some platforms like Blackberry, Windows XP, etc.
- Larger websites may rely on customer support which Let’s Encrypt lacks
Whether you’re using a paid SSL certificate or free SSL on your website, having one is incredibly important. Yes, in this world you do get what you pay for, but you should also consider the type of website you have. If you’re hosting a large eCommerce website then a paid SSL certificate is worth investing it. But small businesses or personal websites can get away with free SSLs like Let’s Encrypt.
What really matters is that your SSL certificate is valid, installed, and active. Without an SSL certificate your website visitors may decide to avoid your website at all costs. It doesn’t show a professional attitude and it certainly puts distrust in their hearts.
How to renew your SSL certificate doesn’t have to be difficult, as we’ve seen from our how-to guide above.