We have noticed some of our clients believe renewing an existing SSL certificate means to just pay for 1 more year and the once installed certificate will continue working. But it isn't so in reality.
Actually, renewing an SSL certificate means that a new certificate is issued for your domain and you do the very same steps when you ordered the certificate for the 1st time:
- generate CRS and send a request to renew your certificate. This part is easier this time as it's handled by your administrative panel - all your SSL contact information is copied from the previous certificate.
- you request is processed and a request to confirm the issuance of the certificate is sent to your approval email which must be in the same domain the SSL certificate will be issued for. Please CHECK that you your approval E-mail is active BEFORE requesting certificate renewal.
- after you confirm the SSL needs to be issued, it's issued by the Certification Authority (Comodo, Thawte, VeriSign, etc.) and the certificate file and bundle are emailed to you.
- then you install the certificate on your server like you did the first time. This article explains how to install an SSL certificate. Most control panels handle this task as well and you can find instructions depending on the panel you use.
What if you request a renewal before the current certificate expires.
You don’t have to worry here as the terms add up. That is if your current SSL certificate has 2 more days before expiration, they add up to the validity term of the new certificate you requested for renewal. So you can renew early and install the new certificate beforehand without worrying about possibly loosing some days from your current certificate’s validity term.