What Can I Do If an SSL Certificate Is About to Expire?
SSL certificates have a validity period. Expired SSL certificates cannot secure your website communication connections. If your SSL certificate expires, a message indicating that your website is insecure or cannot be accessed will be displayed to visitors. This will deteriorate your website services and trustfulness.
Before an SSL certificate is about to expire, you can enable auto-renewal or manually renew it on the console. The manual renewal entry is available only for 30 calendar days before an SSL certificate expires.
SCM will notify you of certificate expiration 30 days before the certificate expires.
- For certificates you purchase through SCM, SCM automatically notifies you of the expiration by email and SMS two months, one month, one week, three days, and one day before a certificate expires and again when the certificate actually expired.
- For an SSl certificate you upload to SCM, if you still need to use it, you need to upload a new one before it expires. For details, see Uploading an External SSL Certificate.
To replace the certificate that is about to expire or update the certificate in the corresponding cloud product, manually install the new certificate on your server. A certificate application must be submitted to the CA when you purchase a new certificate or renew a certificate.
You can replace the old certificate with the new one once it is issued. The replacement does not affect services.
- You need to manually renew the certificate or purchase another one 3 to 10 working days before it expires if you have not enabled auto-renewal. If you have enabled auto-renewal, check the SMS notifications, and finish required verification 3 to 10 working days before it expires to ensure that the certificate is valid before the CA validates your verification and issues new certificate.
- After a certificate is renewed, the validity periods of the old and new certificates are described as follows:
- Certificate details not changed
If the certificate details remain unchanged, the actual validity period of the new certificate equals to the remaining validity period of the original one plus the requested validity period of the new one. A maximum of 30 days can be counted towards the validity period of the new certificate. If you have not enabled auto-renewal, you are advised to apply for a certificate 30 days at the earliest before the current one expires.
For example, assume that your current certificate expires on October 1, 2019, and you request a new one-year SSL certificate with the same details from the same CA on August 31, 2019. If the new certificate is issued on Sept. 1, 2019, it will be valid from Sept. 1, 2019 to Sept. 30, 2020.
This rule is formulated, interpreted, and clarified by the CAs. If you have any questions, we will work with you to communicate and negotiate with the CAs.
- Information about the new certificate is modified during manual renewal. For example, the domain name, certificate type, or company name is different from that of the old certificate.
The validity periods of the current and new certificates are calculated separately.
The use of the new certificate does not affect the current certificate. The current certificate can continue to be used until it expires.
- Certificate details not changed
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot