When it comes to maintaining a website there’s a lot to think about.
Am I using the best host? How often should I update content? How do I drive more relevant visitors? Is my website fast enough?
With so much to consider, it’s easy for small technical details to go unnoticed, such as your SSL certificate renewal.
When building your website, you almost certainly added an SSL certificate. After all, doing so provides a better customer experience as well as improved search engine ranking. However, these certificates expire, and it’s up to you to make sure your renew it. But how exactly can you do that?
In this guide, we walk you through everything you need to know about renewing your SSL certificate.
Put simply, an SSL certificate is a digital certificate that indicates to users that they are safe and secure when using your website. SSL stands for Secure Sockets Layer, and it keeps the internet connection secure and stops internet criminals from accessing or editing information that is being transferred between the user and the website.
Most website builders include an SSL certificate in their plans, even the free ones. This means that you won’t have to source one separately and your website will be protected from the get-go.
You can easily tell when a website has an SLL certificate because a small closed padlock will appear to the left of the URL.
Getting an SSL certificate for your website isn’t just a one-time thing. They have expiration dates hardcoded into them and therefore need to be renewed. This built-in expiry typically lasts two years and acts as a tool to ensure that all websites with an SSL have the latest Transport Layer Security (TLS) version and cyphers.
If you fail to renew your SSL certificate, there can be some negative impacts on your website and visitor experience. For example, when you don’t have an SSL, most web browsers will issue a warning to visitors on your site, highlighting that your site may not be secure. This can lower trust in your site, and although this is bad news for all websites, it’s especially negative for online stores.
There is also evidence to suggest that having an SSL certificate can positively impact your search engine rankings. Letting it lapse can lower traffic volumes from this valuable source.
Finding out when your website’s SSL certificate expires is pretty simple, although the steps may vary based on the web browser you use. Below we outline how to check an SSL certificate expiry date using Google Chrome.
- Click the padlock at the left-hand side of the website URL.
- Click ‘Connection is secure’
- Click ‘Certificate is valid’
- Under ‘Validity Period’ see ‘Expires On’ date
Once you know when your current SSL certificate expires, all you need to do is make sure that it renews on time. Below, we’ll take you through the steps required to keep your SSL certificate up to date.
To begin, you’ll need to create a Certificate Signing Request (CSR) to renew your SSL certificate.
This request will need to be generated on the same server that you plan to install your SSL certificate. The CSR will include crucial information that will be included on your SSL certificate such as common name, organization, email address, and country.
The steps you need to take to generate a CSR vary widely based on the server you use. You can find instructions for creating a CSR on most common servers here.
The next step is to select and activate your SSL.
As you are renewing your certificate, it is unlikely you will need to do much research at this point, as most sites will tend to opt for the same provider and SSL certificate they previously held. However, you may want to take some time to assess the options available to you. For example, most providers will often offer two certificate lengths – one or two years.
Once you have selected the certificate you want, you will need to fill out the necessary details and pay for it before you can activate it.
You are now ready to validate your certificate.
You need to do this to prove that you are the owner of the domain and have permission to apply an SSL certificate to it. This can usually be done in one of three ways:
- Via email validation (validate ownership by using an email address associated with the domain)
- Via DNS validation (validate ownership by using CNAME records)
- Via HTTP validation (validate ownership by uploading a file to the server hosting your domain)
Which one you use is up to you, although email validation is typically the least technical and fastest solution. Simply pick your method and follow the steps outlined by your certificate provider.
Once validated, the final step is to install your SSL certificate on your website.
How you do this will depend on where you host your site and who you purchased your SSL certificate from. Each provider should give you precise instructions, which follow a similar pattern to those outlined below:
- Open the CPANEL for your website
- Access the SSL/TLS section
- Select to manage sites
- Fill out the ‘Private Key (KEY)’ field and enter the contents of your .crt file
- Under certificate click ‘install certificate’
Your SSL should now be installed and ready to go. You can pat yourself on the back and forget about it…but don’t forget to set your reminders to renew it based on your selected expiry date.
Although renewing your SSL certificate may not be the most exciting part of running a website, it’s a crucial step in ensuring an optimal user experience. We strongly recommend setting reminders to ensure that your SSL certificate doesn’t expire. Then simply follow the four steps we have outlined in this article and your SSL worries will be a thing of the past.