Our SSL provider now limits the maximum validity of each certificate to 199 days. As a result, we are updating our processes. The order process for 1-year SSL certificates remains the same. The change affects only the certificate validity period and we are adding automation to ensure your certificates stay active without any extra effort.
Let's take a deeper look at this:
Changes and Impact
1. What is changing?
When you buy a 1-year SSL, the certificate will be issued for 199 days instead of a full year.
Before it expires, we will automatically reapply for a new certificate so your site stays covered for the full year you purchased.
2. What is not changing?
Your SSL certificate will stay at the same price. You will still buy a 1-year SSL certificate and get a full year of SSL protection. We will just reissue mid-year to provide with the provider's new 199 days rule.
We will remind and support you with renewal reminders and there is no changes to your hosting product, just the SSL certificate.
3. Why is the validity now 199 days?
Our SSL provider is enforcing a shorter maximum certificate period. We will reissue your SSL certificate automatically during your 1 year term to ensure your site remains compliant and secure.
Ordering and Reissue Process
4. How will my 1-year SSL order work from now on?
- Place your 1-year SSL Order.
- We issue the first certificate with 199 days validity.
- We notify you ahead of expiry to prepare you for your CSR (Certificate Signing Request).
- 30 days before expiry, we create a follow-up SSL order ($0) to re-issue your certificate.
- You upload the CSR.
- We issue your new certificate and notify you when it’s ready.
- Your SSL coverage continues for the full year without any interruptions.
Thus, we will notify and ask for your CSR when we need to create the follow-up SSL order and provide your new certificate when ready to ensure that you are covered for the full year for your 1-year SSL certificate.
5. What do I need to do?
When we ask for your CSR, please upload your CSR promptly.
We will send reminders at 30 days and 15 days before your current certificate's expiry. If you use our CSR generation guide and template, the steps are very simple. We will also send you a reissue order for $0 in your account, created 30 days before expiry.
Please note: If your web server or control panel can generate a CSR (e.g. cPanel, Plesk, IIS or Nginx), you may use that and upload it.
6. Will I be charged again for the mid-year reissue?
No. The reissue is included in your 1-year purchase. The system creates a $0 (free) reissue order about 30 days before the certificate expires. We just require your CSR submission as an approval.
Managing Certificates
7. Where can I view my current SSL Certificates and their expiry dates?
You can view your SSL certificates under the "SSL Certificates" sub-menu in your account dashboard. The page includes 2 dedicated sections:
- Current SSL Certificates
This dedicated section displays all of your active certificates including your certificate name, SSL type, Create date, Expiry date and CSV Download Link (where available).
This helps you keep track of the 199-day cycle and upcoming expiries.
- SSL Certificates in Progress
This shows any SSL certificates that are awaiting CSR upload, being automatically reapplied, In validation or Pending completion.
Each entry also displays the Expected Expiry Date, so you know when action might be required.
This feature makes it easy to review active SSLs, monitor re-issuing cycles and follow up on certificates that may need your attention.
8. What notifications will I receive?
You will receive the following notifications:
- Order Confirmation: Immediately after your 1year purchase (explains the automatic reapply)
- CSR Reminder: 30 days before expiry. Please get your CSR ready.
- CSR Reminder: 15 days before expiry. Please note this is your final preparation reminder.
- AutoReapply Created: 30 days before expiry and that $0 reissue order created. Please upload your CSR.
- Certificate Ready: After validation/issuance, we’ll notify you your new certificate is available (and install it if your service includes automatic installation).
9. Do I need to change anything on my hosting?
No. Your hosting products remain the same.
Please note that if your plan includes automatic SSL installation, we will handle that for you after issuance. If your plan doesn't include this, we'll provide the new certificate bundle for you to install.
CSR Guidance
10. I don't know what a CSR is - What is it and what should I do?
A CSR is a Certificate Signing Request, which is basically a small file generated on your server that helps create your SSL certificate.
Use your control panel (e.g. cPanel/Plesk/IIS) to generate it
You will need:
- Common Name (CN): your domain (e.g., www.example.com)
- Organization details (for OV/EV certificates)
- Key length: 2048bit or higher
- Country/State/Locality matching your legal entity (OV/EV)
If you have any questions, our support team can guide you through the process.
11. What if I don't upload a CSR in time?
Your certificate may lapse at the end of its 199-days validity. We will keep reminding you, but won't be able to reissue a new certificate without a valid CSR.
Certificate Types and Changes
12. Does this affect DV, OV and EV certificates differently?
DV (Domain Validation) handles validation the fastest with validation done on domain control.
Meanwhile, OV and EV may require organisation and identity validation. If your validation paperwork stays current, the mid-term reissue is typically faster. Please respond promptly to any validation requests.
13. What if I need to change domains, SANs or move servers?
Changing domains or SANs will often require a new CSR and may trigger validation again. If this happens, please tell us as early as possible.
Moving servers will require a new CSR on the new server and upload it at reissue time. We will prompt you during this process.
Lastly, for wildcard certificates, this is still supported, but please make sure your CSR uses a wildcard CN (e.g., *.example.com).
Policies and Best Practices
14. Can I cancel or get a refund?
Standard cancellation and refund polices apply to your purchase term. The $0 reissue is part of your term and is not billable separately.
15. Discover our recommended security best practices.
- Keep your private key secure and never share it.
- Use 2048-bit or stronger keys.
- Rotate keys if you suspect compromise and please contact our support team immediately.
- Maintain updated contact emails so you receive all reminders.