Renewing a standard SSL Certificate
Note
There are a few important things you should note about renewing an SSL certificate before continuing with this document.
Sixty days before the certificate expires, you will begin receiving renewal notices.
Note
Starting March 15, 2026, Sectigo certificates are valid for a maximum of 200 days due to CA/Browser Forum lifetime reduction requirements. You will need to purchase a new certificate before it expires to maintain uninterrupted coverage.
We encourage you to plan the renewal of your certificate to occur at least one week before the expiration to avoid downtime or issues caused by possible renewal delays.
These are the steps to renew your standard certificate:
Renewing a certificate
- Log into DNSimple with your user credentials.
- If you have more than one account, select the relevant one.
- On the header click the tab, locate the relevant domain, and click on the name to access the domain page.
-
Scroll down to the section, and find the active SSL certificate. Click to start the renewal.
If you can’t see the button, the certificate is either expired or not in a state that allows a renewal.
-
Follow the instructions to purchase the certificate renewal.
- Check the certificate common name matches the one you want to renew.
- ECDSA is selected for you by default, but you can select RSA as the signature algorithm if your particular scenario requires it.
- Leave the CSR option unchecked, unless you really need to provide a custom CSR. The easiest thing to do is to have us automatically generate the CSR (and a new private key to go with it).
- Submit the order.
Note
The certificate renewal price will be held on your card immediately. Your card will be charged once the new certificate is issued. If the issuance fails, funds will be released.
Next steps
Once you order the certificate, you will have to go through the steps of configuring, verifying, and installing the certificate in order to receive the certificate.