The process of renewing your SSL Certificate is almost the same as placing a new order. You may start the renewal within 30 days before the expiration date.
Here are the steps on how to renew your Standard (Domain/IP address) SSL Certificate:
- Click on the “Renew” button on the product page of your expiring SSL Certificate within your SSL Dragon account.
- Complete the payment of the newly created invoice for the renewed SSL Certificate.
- Once the invoice for the renewed SSL Certificate is paid, click on “Back to Client Area” or go to “My Services” section inside your SSL Dragon account.
- Click on the renewed SSL Certificate. Once you are on the SSL Certificate’s details page, scroll down and click on the green button that says “Configure Now”.
- Under the “Order Type” you should choose “Renewal”. This information will go to the Certificate Authority, and they will know that you had an SSL Certificate and you are renewing it. In this way, your new SSL Certificate will be connected to the old one. All remaining days from the previous SSL Certificate will be added to the new one. (An exception to this rule are – Code Signing and CPAC SSL Certificates – unfortunately, the CA’s SSL Certificate management portal for these SSL certificates is not technically capable to match the old and new SSL Certificates.)
- After that, you have to submit a CSR. You can use the old CSR from your previous SSL Certificate, or generate a new CSR. Either way is fine.
- Fill in the rest of the form information for your renewed SSL Certificate.
- Then pass the domain validation, or business validation, or extended validation, depending on what applies to your SSL Certificate.
- When your SSL Certificate is renewed, you need to reinstall the new SSL Certificate on your server. In other words, you need to replace your old/expiring SSL Certificate with the new one which you have just received. The old certificate will NOT get replaced, renewed, or continued automatically.
- If you have a CPAC or Code Signing Certificate from GoGetSSL, Sectigo, Thawte, or DigiCert, then steps 4-5 do not apply to you. You will have to fill in the certificate request form for your CPAC/Code Signing Certificate on the certificate authority’s website further and let us know about the details you field in, as usual. Also, unfortunately, the CA’s SSL Certificate management portal for these SSL certificates is not technically capable to match the old and new SSL Certificates, thus the remaining days from the old SSL Certificate will not be added to the new SSL Certificate.
- If you are renewing a Business Validation SSL Certificate or an Extended Validation SSL Certificate, you will still have to pass the Business Validation or the Extended Validation again. Anyway, the Business Validation and Extended Validation processes are quicker when renewing an SSL Certificate than when getting it for the first time.
- If you own a Multi-Domain (SAN/UCC) SSL Certificate for which you have previously purchased & added additional SANs (domains), don’t forget to include all of them in the SANs field when configuring the renewed SSL.
- If you want to change the validity of the renewed SSL Certificate – e.g. you have a Sectigo PositiveSSL Multi-Domain with 4 SANs (5 Domains) for 2-year SSL, but you what to renew it for 3 years. Then you must order a 3-year SSL of the same type and configuration – a Sectigo PositiveSSL Multi-Domain with 4 SANs (5 Domains) for 3-years – complete the payment, and click on the newly purchased SSL. Then please follow Steps 5-9 from above.