Contact UsGet started

Renew a certificate

Written by
Updated at November 21, 2024

Certificate Manager initiates the certificate renewal procedure 30 days before it expires. The certificate status will change to Renewing.

Note

In some cases, certificates can be renewed without any user action. For more information, see Checking rights automatically.

To update a Let's Encrypt certificate:

  1. In the management console, select the folder the certificate was added to.
  2. In the list of services, select Certificate Manager.
  3. In the list, select the certificate with the Renewing status you need to update.
  4. In the window that opens, you will find the info you will need to pass the rights check under Check rights for domains. For more information, see Checking rights for a domain.
  5. As soon as the domain rights check is passed, the check status under Check rights for domains will change to Valid.
  6. After the check status for all the domains changes to Valid, the certificate will be issued and its status will change to Issued.

To renew a certificate, use the update REST API method for the Certificate resource or the CertificateService/Update gRPC API call.

Note

For a successful DNS domain rights check based on a CNAME record, make sure the _acme-challenge subdomain of the domain name you are checking has no resource records created, except CNAME. For example, for the _acme-challenge.example.com. domain name there should only be a CNAME record and no TXT record.

Previous
Domain rights check procedure
Next
Editing a certificate