Discuss with expertTry it for free
© 2026 Direct Cursus Technology L.L.C.

Renewing a certificate

Written by
Updated at April 30, 2026

Certificate Manager initiates a certificate renewal 30 days prior to its expiration. The certificate status will change to Renewing.

Note

In some cases, a certificate renewal requires no user input. For more information, see Checking rights automatically.

To renew a Let's Encrypt certificate:

  1. In the management console, select the folder you added the certificate to.
  2. Navigate to Certificate Manager.
  3. Select the certificate in the Renewing status that you need to renew.
  4. Under Check rights for domains, you will see the details required to pass the domain rights check. For more information, see Domain rights check.
  5. As soon as you pass the domain rights check, its status under Check rights for domains will change to Valid.
  6. After the check status for all the domains changes to Valid, a certificate will be issued and its status will change to Issued.

To renew a certificate, use the update REST API method for the Certificate resource or the CertificateService/Update gRPC API call.

Note

For a successful DNS domain rights check based on a CNAME record, make sure the _acme-challenge subdomain of the domain name you are checking has no other resource records except CNAME. For example, for the _acme-challenge.example.com. domain name, there should only be a CNAME record and no TXT record.

Previous
Passing a domain rights check
Next
Editing a certificate