How to handle SSL certificate expiration
If you care about the security of your website, you’ll want to renew SSL certificates well in advance of their expiration dates. An SSL certificate is valid for a maximum of 398 days. After that time, a “Not Secure” warning sign will show up in the address bar of web browsers such as Google Chrome and Mozilla Firefox, along with a message that warns “Your connection is not private” or “Warning: Potential Security Risk Ahead.”
To prevent scaring away users whenever they attempt to access your website, you’ll want to know how to handle SSL certificate expiration.
Why SSL certificate renewal is important
SSL (Secure Sockets Layer) is widely acknowledged as the foundation of digital security. SSL certificates issued by third party certificate authorities ensure that information sent between a server and a browser remains private and unaltered throughout transit. The security of any personal information you provide online cannot be guaranteed without an SSL certificate that ensures encryption is up to date. Information that’s protected by SSL certificates include:
- Account numbers
- Credit card details
- Birth dates
But an SSL certificate is only valid for a little more than a year before it expires and needs to be renewed on time. Without a timely renewal, any information that’s sent won’t be secure.
How to renew an expired SSL certificate
Life is busy, and despite our best efforts, there are times when we fail to remember certain deadlines are approaching. Your SSL certificate renewal is one you don’t want to forget. For this reason, it’s essential to know how to renew SSL certificates so you can get an expired certificate handled quickly.
Choose an SSL certificate
You may want to consider your SSL certificate options rather than simply renewing what you currently have. Just as you did when you first received an SSL certificate, you’ll need to first decide which certificate is most appropriate for your website. There are several distinct certifications, each of which has a unique level of authentication.
Generate a new certificate signing request (CSR) code
You’ll need to get a CSR code to activate the SSL certificate. You can receive this information by asking your hosting provider or getting it through the control panel of your hosting service. The CSR code should be generated by the hosting server.
Fill out a renewal form
If you are choosing to renew your SSL certificate you’ll need to fill out a renewal form.
Validate a renewal SSL certificate
Before receiving an up-to-date SSL certificate you must complete a domain control validation, also known as a DCV. The DCV verifies that you own the rights to your domain. According to NameCheap, there are three different ways to perform DCV:
- Email validation
- HTTP validation
- Validation through the use of DNS
Validation typically involves copying and pasting validation code. You may be able to skip this step if you are renewing an SSL certificate and the information in the CSR is the same as before.
Download the renewed or new SSL certificate
Once you complete the steps above the certificate issuers will send the certificate. The new SSL certificate will be sent via email. You may also be able to download the SSL certificate through the issuer’s website.
Installing an SSL certificate on your server
If you need assistance installing the SSL certificate on your server you can either check the installation instructions that came with your server or get in touch with the hosting provider you use. For many people the latter option is going to be the easier option.
Time required to renew an SSL certificate
If your SSL certificate has already expired and you need to renew it the issuance period is the same as when you first bought it. Domain Validated (DV) SSL certificate renewals are quick and painless processes. It takes 1-3 days for an Organization Validated (OV) SSL certificate renewal. An Extended Validated (EV) SSL certificate renewal takes between 1-5 days to be issued.
Final thoughts on expired SSL certificates
SSL certificates aren’t endless. They have expiration dates that are crucial to establishing SSL’s credibility as a secure protocol. To ensure your web browser can adequately identify the server as secure the SSL certificate should never expire. Fixing expired SSL certificates is a critical step in keeping your website and users safe from hackers. If you discover that your website’s security certificate has expired immediately take action by taking the steps above.