How to Renew an SSL Certificate
Renewing an SSL certificate is essentially the same as getting a new one, but with the added benefit of "carrying over" your remaining time. At Nixzoehost, we notify you 30 days before your expiration so you can start the process early and avoid any "Not Secure" warnings.
Follow these four steps to renew your security for another term.
Step 1: Purchase the Renewal
-
Log in to your Nixzoehost Client Area.
-
Navigate to Services > SSL Certificates.
-
Locate your expiring certificate and click the Renew Now button (this button appears 30 days before expiration).
-
Complete the checkout process. Once paid, a "Renewal Credit" will be added to your account.
Step 2: Activate the New Certificate
Even though you are renewing, the Certificate Authority (CA) needs a fresh request to issue a modern certificate.
-
In your SSL Certificates list, click Activate next to the new renewal credit.
-
Generate a New CSR: Go to your cPanel > SSL/TLS and generate a new Certificate Signing Request.
-
Note: While some systems allow old CSRs, we strictly recommend a new one for 2026 security compliance.
-
-
Paste the CSR code into the activation form on the Nixzoehost site.
-
Select your Validation Method (Email, DNS, or HTTP).
Step 3: Complete Domain Validation (DCV)
The CA must verify you still control the domain.
-
Email: Click the link in the approval email sent to your administrative address.
-
DNS: Add the provided CNAME record to your DNS settings.
-
HTTP: Upload the unique text file to your
.well-known/pki-validation/folder.
Why validate again? In 2026, CAs are required to re-verify domain ownership every time a new certificate is issued to prevent "domain hijacking."
Step 4: Install the Renewed Certificate
Once the CA emails you the new files:
-
Go to cPanel > SSL/TLS > Manage SSL Sites.
-
Select your domain and click Autofill by Domain.
-
Replace the old Certificate (CRT) and CA Bundle with the new ones you just received.
-
Click Install Certificate.
Renewal Pro-Tips
-
The 30-Day Bonus: If you renew 30 days early, Nixzoehost and the CA will add those 30 days to your new certificate. You don't lose any time by being proactive!
-
Update Your Links: If you are renewing a Wildcard SSL, remember that you must update the certificate on every subdomain and server where it is used.
-
Check for "Mixed Content": After renewal, visit your site and ensure the padlock is still green. Sometimes new browser updates in 2026 require you to force-update internal image links from
httptohttps.