If the certificate of your website expires, the website becomes inaccessible, and other potential business risks may occur. We recommend that you pay attention to the validity period of your certificate and renew the certificate before it expires. After a certificate is renewed, the new certificate is independent of the original certificate. You must submit an application for the new certificate and install the new certificate after it is issued. This topic describes the limits and process of certificate renewal. This topic also describes the operations that you can perform after you renew a certificate.
Limits
You cannot renew an expired certificate. You must purchase a new certificate. For more information, see Purchase a quota on SSL certificates.
You cannot renew an uploaded certificate.
You cannot modify the specifications of a new certificate. Renewing a certificate is equivalent to purchasing a new certificate. The specifications of the new certificate are the same as those of the original certificate, including Brand, Certificate Type, Domain Type, and Bound Domains.
Carryover of the remaining validity period
If you renew an existing certificate, the remaining validity period of the original certificate is automatically carried over to the new certificate. For example, a certificate expires on August 1, 2024. If the certificate is renewed and the new certificate is issued on July 20, 2024, the validity period of the new certificate starts on July 20, 2024 and ends on August 1, 2025.
If you purchase a new certificate for an existing certificate, the remaining validity period of the original certificate is not automatically carried over to the new certificate. To prevent validity period loss in this case, the CA allows you to manually carry over the remaining validity period to the new certificate, which can be up to 30 days.
Procedure
Log on to the Certificate Management Service console.
In the left-side navigation pane, choose .
On the SSL Certificate Management page, click the Official Certificate tab, and select Pending Expiration from the certificate status drop-down list.
In the certificate list, find the certificate that you want to renew, click Renewal purchase in the Actions column, and then follow the instructions to complete the payment.
The system automatically specifies the same parameter values for the new certificate as those of the certificate you want to renew. After the certificate is renewed, the new certificate is displayed below the original certificate that is about to expire. The icon is displayed to the left of the new certificate. The icon indicates that the new certificate is associated with the original certificate. The validity period of the original certificate remains unchanged.
The new certificate is in the Pending Application state. After you submit a certificate application for the new certificate and complete the verification of domain name ownership, the new certificate is issued. For more information, see Apply for a certificate and Verify the ownership of a domain name.
NoteIf Not Activated is displayed in the Status column for a new certificate, the new certificate is hosted. If the validity period of the original certificate is less than 30 days, the system submits an application for the new certificate. To prevent your business from being affected due to application failure, you must cooperate with the CA staff to complete the certificate application. If a certificate in the Not Activated state is canceled, the consumed certificate quota is returned.
References
For more information about how to deploy a new certificate to your cloud service or install the certificate on your web application server after the certificate is issued, see Installation overview.