How to Fix an Expired SSL Certificate on Your WordPress Site
It’s very unfortunate that SSL certificates sometimes expire and have to be renewed. When this happens, all of the traffic that is normally handled via secure HTTPS connections is suddenly dropped by the browser, causing irritation, loss of sales, and sometimes even lost revenue.
WordPress is an incredibly popular content management system used all over the world, and, as a result, has a fairly high rate of error when it comes to handling SSL certificates. Because of this, it’s very easy for an expired certificate to be introduced into production, leading to huge amounts of stress and headache for those who are tracking the issue.
Renewal Is As Easy As 1-2-3
Let’s say you’re using the WordPress free version. When your SSL certificate expires, you’ll need to renew it promptly. The easiest way to do this is via the WordPress dashboard, as indicated in the following screenshot:
From here, you can click on the “Dashboard” tab to access your site’s settings. On the right, you’ll see a green button with the text “Visit Website”, as shown in the following screenshot:
When you click on this, the WordPress login screen will appear, allowing you to login and renew your certificate. Simply enter whatever you used to book your website and click on the “Login” button.
From here, you can also renew your certificate via a few different methods, as indicated by the buttons at the bottom of the page:
You can either do this through the WordPress dashboard or by sending an email to [email protected] from the email address associated with your account. (More on this below.)
Two Methods For Renewal
The first method, via the WordPress dashboard, is very easy to use and will automatically renew your certificate when you log in. However, if this is the first time you’ve ever touched your website’s settings and don’t know how to renew your certificate, then you might need some help from an expert.
The second method, sending an email, provides you with information on how to renew your certificate. This method is a bit more involved, but allows for complete customization of your renewal email content. In the next section, you’ll explore this second method in detail.
Step By Step Guidance Will Help
To begin, navigate to your WordPress dashboard from your browser. If you’re using a desktop computer, then open up your browser’s file manager and navigate to the WordPress folder on your hard drive. On a Mac, this would be in the “/Applications/ folder” or in the “Applications folder” of your home directory. (On a Windows computer, it could be in either of these locations.)
Once you’re in your WordPress dashboard, click on the gear icon in the upper right corner to access your site’s settings. Now, to renew your certificate, click on the “SSL” option directly under the “General” heading.
A dialogue box will appear, prompting you to enter the email address used to register your website. As a best practice, you should use a separate email address for administrative purposes (like renewals and password resets).
Simply enter a new email address and click on the ‘Send Test Email’ button. An email will be sent to the address you entered with a link to activate your certificate. Once you’ve activated it, you can close the window.
If you followed the instructions exactly, then you should see the green verification symbol along with the text “Your certificate has been activated.” You’re very close to being able to publish content on your website without worrying about certificate security!
Customizing The Renewal Email
The second method, sending an email, is a lot more involved than the first, but gives you a lot more control over the content of your messages. This is especially useful if you’re not tech-savvy or if you’d like to ensure that your messages are concise and easy to understand.
To begin, you’ll need to navigate to the Dashboard area of your WordPress dashboard. (Use the gear icon in the upper right corner to do this.) Once you’re there, click on the “Settings” tab, as indicated in the following screenshot:
A dialogue box will appear, prompting you to enter the email address used to register your website. As a best practice, you should use a separate email address for administrative purposes (like renewal and password resets).
Simply enter a new email address and click on the ‘Send Test Email’ button. An email will be sent to the address you entered with a link to activate your certificate. Once you’ve activated it, you can close the window.
If you followed the instructions exactly, then you should see the green verification symbol along with the text “Your certificate has been activated.” You’re very close to being able to publish content on your website without worrying about certificate security!
More Control With The Command Line
If you’d like, you can also control your certificate via the command line. To do this, simply type the following into your terminal window (this will return you to the command prompt):
sudo nano /etc/pki/tls/certs/NAME-OF-YOUR-CERTIFICATE/config
From here, you can add your email address, as shown in the following screenshot:
Simply type your email address into the space provided and press the “Enter” key. Your email address will then be appended to the file. Next, you’ll want to remove the name of the company that issued your certificate from the file (this shouldn’t be necessary, but it’s better to be safe than sorry):
To do this, simply remove the text in front of the “[email protected]” tag by pressing “Ctrl+X” (or “Delete”) followed by “Y” (or enter). Pressing “Y” to confirm will remove the text and make your certificate inaccessible via SSL. Only the administrator will be able to access this information now.
Once you’ve fixed this issue, test your newly-renewed certificate by navigating to your WordPress dashboard from your browser. If you’re using a desktop computer, then open up your browser’s file manager and navigate to the WordPress folder on your hard drive. On a Mac, this would be in the “/Applications/ folder” or in the “Applications folder” of your home directory. (On a Windows computer, it could be in either of these locations.)
Once you’re in your WordPress dashboard, click on the gear icon in the upper right corner to access your site’s settings. Now, to test your newly-renewed certificate, click on the “SSL” option directly under the “General” heading.
You’ll see a dialogue box appear, prompting you to enter the email address used to register your website. As a best practice, you should use a separate email address for administrative purposes (like renewal and password resets).
Simply enter a new email address and click on the ‘Send Test Email’ button. An email will be sent to the address you entered with a link to activate your certificate. Once you’ve activated it, you can close the window.
If you followed the instructions exactly, then you should see the green verification symbol along with the text “Your certificate has been activated.” You’re very close to being able to publish content on your website without worrying about certificate security!
As you can see, there are several different ways to handle SSL certificate renewals in WordPress. This issue is fairly common and affects many sites, so it’s important to know how to tackle it when it does arise. By following the above guidance, you can ensure that your site remains secure no matter what.