Certificate Management Service:Certificate renewal

Renewal

• If your certificate has expired, you cannot renew the certificate. You must purchase a new certificate. For more information, see Purchase SSL certificates.

• After a certificate is renewed, the new certificate is independent of the original certificate. You must submit an application for the new certificate and install the new certificate after it is issued.

Remaining validity period

The remaining validity period of an original certificate can be carried over to the new certificate. For example, a certificate expires on August 1, 2024. If the certificate is renewed and the new certificate is issued on July 20, 2024, the validity period of the new certificate starts on July 20, 2024 and ends on August 1, 2025.

The remaining validity period of a certificate that you renew cannot be carried over to the new certificate in the following scenarios:

• The specifications of the new certificate are different from the specifications of the original certificate. The specifications include Domain Type, Certificate Type, and Brand.

• The original certificate is a third-party certificate that is uploaded.

• The original certificate is expired and the new certificate is newly purchased.

Prerequisites

• The remaining validity period of the certificate is less than 30 calendar days. The Renewal purchase button is displayed for a certificate only within 30 calendar days before the certificate expires.

• The certificate is issued by GlobalSign.

Procedure

1. Log on to the Certificate Management Service console.

2. In the left-side navigation pane, choose Manage Certificates > SSL Certificate Management.

3. On the SSL Certificate Management page, click the Official Certificate or Manage Uploaded Certificates tab, and select Pending Expiration from the certificate status drop-down list.

4. In the certificate list, find the certificate that you want to renew and click Renew in the Actions column.

5. Follow the instructions in the Certificate Renewal panel to complete the payment.

   The system automatically specifies the same values for the parameters as those of the certificate you want to renew. You do not need to modify the values. After the certificate is renewed, the new certificate appears below the original certificate that is about to expire. The icon is displayed to the left of the new certificate. The icon indicates that the new certificate is associated with the original certificate. The validity period of the original certificate remains unchanged.

   The new certificate is in the Pending Application state. You must perform operations, such as submit an application for the new certificate and cooperate with the certificate authority (CA) staff, to complete the verification of domain name ownership and the review of application materials. After the CA approves the certificate application, the CA issues the new certificate. For more information, see Apply for a certificate.

   Note

   If Not Activated is displayed in the Status column for a new certificate, the new certificate is hosted. If the validity period of the original certificate is less than 30 days, the system submits an application for the new certificate. To prevent your business from being affected due to an application failure, you must cooperate with the CA staff to complete the certificate application. If a certificate in the Not Activated state is canceled, the consumed certificate quota is returned.

References

• For more information about how to submit a certificate application for a new certificate, see Apply for a certificate.

• For more information about how to deploy a new certificate to your Alibaba Cloud service or install the certificate on your web server after the certificate is issued, see Installation overview.