How to renew an SSL certificate?

PositiveSSL & EssentialSSL Certificates renewal
InstantSSL, PremiumSSL and EV SSL Certificates renewal
Multi-Domain Certificates renewal
Further steps
Use the CSR generated manually

Renewal of the certificate is available only within 30 days before its expiration.

Renewal notices are sent 30, 15, 7, 3 and 1 day before the certificate expiration.

Expired certificates cannot be renewed. In this case it is necessary to purchase a brand new certificate.

The certificate that is about to expire will have the status Due in the certificate list.

To purchase a renewal, click on the ‘Due’ status and select ‘Renew’ from the dropdown.

renew_1.png

The certificate will be added to the shopping cart. Complete the checkout and follow these steps:

  • Click on your email address in the top right corner of the home page:

renew_2.png

  • Locate the renewal certificate you have purchased, click on the ‘New’ status and choose ‘Activate’.
  • Locate the renewal certificate that has been purchased, click on the status ‘New’ and then on the ‘Activate’ button.

renew_3.png

PositiveSSL, EssentialSSL, PositiveSSL Wildcard and EssentialSSL Wildcard renewal process:

Step 1. Save new key

You can download the key generated for the domain in your browser or submit a manually generated CSR.

Note: Both 'use browser to create files' and ' and 'create it on your server' options support IDNs with the following TLDs. Prefer pasting the IDN instead of typing to ensure further process goes smoothly.

To use the CSR generated in your browser:

  • Click on the ‘key’ button to save your private key generated for the entered domain.

renew_4.png

  • Click ‘Almost there’ to proceed.

To use CSR generated manually.

Step 2. Review

renew_6.png

InstantSSL, EV SSL, InstantSSL Pro, PremiumSSL, PremiumSSL Wildcard and EV Multi-Domain renewal process:

Step 1. Save new key

You can download the key generated for the domain in your browser or submit a manually generated CSR.

To use the CSR generated in your browser:

  • Click on the ‘key’ button to save your private key generated for the entered domain.

renew_4.png

  • Click ‘Almost there’ to proceed.

To use CSR generated manually.

Step 2. Pick company

We will pre-fill the information from the previous certificate. Make sure that the details are correct and appear as they are in the governmental or business directories such as (Yellow pages, Duns & Bradstreet etc.).

pick_company.png

Step 4. Review & Submit

reissue_review_details.png

After the activation is done, proceed with validation.

For Multi-Domain certificates, please follow these steps:

Generate a new CSR code. You may request the CSR from your hosting provider or generate it yourself. Check our CSR generation instructions for reference.

Step 1. CSR info

  • Copy and paste the CSR code generated for the certificate renewal.

renew_7.png

If you receive an error message regarding the CSR code parsing or Invalid CSR code, please check the related article.

Step 2. Domains

  • Select the server type the certificate will be installed to.

renew_8.png

  • Check the domains (SANs) that will be secured by SSL and click ‘Onward’ (otherwise, re-generate the CSR according to prompt messages and start the process again).
  • You may add more domains using the ‘plus’ button.

add_sans.png

Step 3. Domain ownership

  • Choose the domain control validation method for the reissue, either one of the approver email addresses or uploading a text file.

‘Upload a file’ DCV method is not available for OV/EV certificates.

renew_10.png

Step 4. Contacts

  • Confirm or change administrative contact information.

renew_11.png

Further steps

After the renewal is submitted, you need to complete Domain Control Validation process to have the certificate issued.

OV and EV certificates will require additional company verification process.

In order to change the selected DCV method or force HTTP/DNS check, use Comodo Order Status panel or contact SSLs.com Support.

After the certificate is validated, the certificate files will be sent to the SSL administrative email.

Do not forget to install a new certificate on the server replacing the old one.

You can use the CSR generated manually

 

  • Click ‘create it on your server’.

auto_csr_manual_1.png

  • You may use one of the pre-generated commands that fit your server software (OpenSSL or Windows) to generate the CSR.

auto_csr_manual_2.png

  • Hover over the command in the 'Run Command' field, click to copy it and use on your server.

auto_csr_manual_3.png

auto_csr_manual_4.png

  • Click ‘Onwards’.