Need to renew RapidSSL certificate? Here are your step-by-step instructions for the SSL renewal process
In this RapidSSL certificate renewal instruction guide, we cover the top questions people tend to ask about SSL certificate renewals. In the first half, we go over the steps to renew the RapidSSL certificate. In the second half, we cover all the frequently asked questions (FAQs) regarding SSL renewals.
Renew RapidSSL Certificate in 4 Easy Steps
Note: The same steps are applicable for renewing DigiCert, GeoTrust, and Thawte SSL certificates (if you purchased them from RapidSSLonline).
Step 1: Renew an Expiring (or Expired) Certificate in Your Account
Existing customers: Log in to your account. If your certificate will expire within 30 days, you’ll see a renew option besides the SSL certificate. If your SSL certificate already expired, you’ll still see the renewal option listed on your account.
Simply click on Renew now and make the payment. Follow the instructions from step two.
If you want to change the certificate type or brand, follow the procedure stated below for the new customer.
New customers: Select the right SSL certificate for your website from RapidSSLonline.com. Instead of clicking “Add to Cart,” click on the Renew Now button. Fill the form and make the payment.
Step 2: Generate a certificate signing request (CSR) code, which is also known as the public key.
Select the server type from our CSR Knowledgebase. This site has resources to guide you through the entire CSR generation process that include screenshots from actual servers and easy-to-follow instructions.
Once the CSR code is generated, copy the entire code, including the lines —-BEGIN NEW CERTIFICATE REQUEST—– and —–END NEW CERTIFICATE REQUEST—–.
Step 3: Submit the CSR code to the issuing certificate authority (CA)
- Log in to your account.
- Go to My Orders and click on Generate.
- This button will take you to the following page:
- On this page, write your domain name in the Common Name field. Don’t write the WWW version of the domain. For a wildcard SSL certificate, write the website name in *.yourdomain.com format. For a multi domain certificate, list all of the domains you wish to cover with a comma separating each of them.
- Select the domain verification method. For OV and EV SSL certificates, the CA will further ask some additional company information later.
- Click on Generate.
- This button will lead you to the page where you need to paste the copied CSR code.
Step 4: Complete the Validation Process
Once you send the CSR code to the CA, you’ll be asked to complete the validation process as per the type of SSL certificate you have selected. The domain ownership verification is common for all the certificate types. You will be asked to either click on a verification link that will be sent via email, or upload a unique file on your server.
For OV and EV SSL certificates, you have to go through the validation process again at the time of renewal. If you’re an existing customer, the verification process will take much lesser time, though.
Step 5: Install the Renewed SSL Certificate on the Server
Once the validation process is complete, the certificate authority will generate the SSL certificate. You will receive all the needed SSL certificate files via email. Follow this Installation Guide to install the SSL certificate on your server.
Congratulations! You have successfully renewed your RapidSSL certificate! As you can see, the RapidSSL certificate renewal process involves almost the same steps as buying a new one.
Having issues? No worries. We’ve put together a list of the most commonly asked questions to help:
How to Renew RapidSSL: Frequently Asked Questions (FAQs)
No. You must generate a new CSR code to renew your SSL certificate. The rule is the same for all the certificate authorities and certificate types.
Yes, but there is an easier option: Buy a multi domain SSL certificate or multi domain wildcard SSL certificate. You can secure all of your websites and/or subdomains under a single SSL certificate (depending on the type of certificate you choose). This not only will save you money, but it will also make certificate management easier. Plus, you need to go through the entire SSL renewal process just one time!
Yes, you can change the CA, brand, and type of certificate at the time of the renewal. This means that you can upgrade from a domain validation (DV) certificate to one that offers organization validation (OV) or even extended validation (EV). You also can upgrade from a single domain SSL to a multi domain, wildcard, or even multi domain wildcard SSL certificate.
NOTE: If you switch CAs, you will not be able to carry over time for your early certificate renewal, and you will be required to complete the full business validation process again (if applicable) to your certificate.
Of course! In fact, it’s highly recommended that you renew all SSL certificates as early as 30 days before their expiry dates.
If the SSL certificate expires before you can renew it, your website will be unprotected and insecure from the minute the SSL certificate expires. Plus, all web browsers will show “Your connection is not private” or “Warning: Potential Security Risk Ahead” warning messages to your website visitors. This will ruin your website’s reputation and reduce web traffic. Such security warnings will make it way easier for hackers to spot insecure websites, making it even more vulnerable to cyber-attacks and data theft.attacks and data theft.
No. If you buy an SSL certificate from RapidSSLonline, we’ll add all of the remaining time (up to 30 days) to your new certificate. For example, if you renew your certificate one month before its expiry date, and you renew it for one year, this means we’ll issue a new SSL certificate for 13 months instead of 12.
Now, you’ll see two SSL certificates on your server, which totally normal. Once your existing SSL certificate expires, the server will automatically shift to the new certificate. This is the most risk-free and simple way to keep your website secure.