Renewing SSL Certificates
Once the SSL Certificate expires, it is not possible to extend its expiry date. To extend the date we need to sign a new CSR with new or existing business details and install that fresh certificate on the server.
How to Renew
- Generate a Certificate Signing Request (CSR).
- Select the certificate and choose a 1 or 2-year validity period.
- Fill in the required details.
- Click Continue.
Certificates expire to ensure they adhere to the latest security standards and confirm the control of the current owner. New certificates incorporate updated security standards and re-verify domain control and identity.
Viewing and Understanding Certificate Expiry
To view a certificate’s expiration date:
- Click the padlock icon in the address bar.
- Click on the three dots in the top right corner.
- Find the expiration date listed under Account Details.
The certificate expiration date is encoded in its body and cannot be changed. To continue secure connections, a new certificate with a longer validity period must be installed on the hosting server.
The registry ValidityPeriod value defines the lifetime for certificates issued by a CA. After setting the desired validity period, restart the CA services. Remember, a CA cannot issue a certificate that lasts longer than its own — to extend subordinate CAs’ validity periods, renew the Root/Parent CA certificate first.