Yandex Cloud
Search
Contact UsGet started
  • Blog
  • Pricing
  • Documentation
  • All Services
  • System Status
    • Featured
    • Infrastructure & Network
    • Data Platform
    • Containers
    • Developer tools
    • Serverless
    • Security
    • Monitoring & Resources
    • ML & AI
    • Business tools
  • All Solutions
    • By industry
    • By use case
    • Economics and Pricing
    • Security
    • Technical Support
    • Customer Stories
    • Gateway to Russia
    • Cloud for Startups
    • Education and Science
  • Blog
  • Pricing
  • Documentation
Yandex project
© 2025 Yandex.Cloud LLC
Yandex Certificate Manager
  • Getting started
    • All guides
      • Adding a certificate
      • Getting the contents of a certificate
      • Domain rights check procedure
      • Renewing a certificate
      • Editing a certificate
      • Deleting a certificate
    • Backups
    • Adding alerts for certificates
    • Configuring access to a certificate
    • Viewing operations with a certificate
  • Access management
  • Pricing policy
  • Terraform reference
  • Monitoring metrics
  • Audit Trails events
  • Release notes
  • FAQ
  1. Step-by-step guides
  2. Certificate from Let's Encrypt
  3. Renewing a certificate

Renew a certificate

Written by
Yandex Cloud
Updated at December 26, 2024

Certificate Manager initiates the certificate renewal procedure 30 days before it expires. The certificate status will change to Renewing.

Note

In some cases, certificates can be renewed without any user action. For more information, see Checking rights automatically.

To update a Let's Encrypt certificate:

Management console
API
  1. In the management console, select the folder the certificate was added to.
  2. In the list of services, select Certificate Manager.
  3. In the list, select the certificate with the Renewing status you need to update.
  4. In the window that opens, you will find the info you will need to pass the rights check under Check rights for domains. For more information, see Checking rights for a domain.
  5. As soon as the domain rights check is passed, the check status under Check rights for domains will change to Valid.
  6. After the check status for all the domains changes to Valid, the certificate will be issued and its status will change to Issued.

To renew a certificate, use the update REST API method for the Certificate resource or the CertificateService/Update gRPC API call.

Note

For a successful DNS domain rights check based on a CNAME record, make sure the _acme-challenge subdomain of the domain name you are checking has no other resource records except CNAME. For example, for the _acme-challenge.example.com. domain name, there should only be a CNAME record and no TXT record.

Was the article helpful?

Previous
Domain rights check procedure
Next
Editing a certificate
Yandex project
© 2025 Yandex.Cloud LLC