Need help setting up SSL for my website

I don't know anything about SSL stuff. I only know that they help you make your website secure, or look secure.

My domain is (

But I am getting a notification that says my license wilI expire on {Sep 12, 2021 at 2:51:37 AM UTC. At the time of this notice, the certificate will expire in 13 days, 23 hours, 12 minutes, and 19 seconds.}

But when I visit the website, it shows me that the website is not secure.

How do I renew the license, and install it on the website to make it secure again?

Needing your helps seriously. I'm a novice in these matters and you should all please tolerate me.


Hi @Clean_Gist, welcome to the LE community forum :slight_smile:

You have two ways to reach your site:


The first will never be considered as secure; The second can be.
Try viewing your site via the second one.

1 Like

Perhaps, but you should help us help you--by, for example, actually answering the questions you were presented when you started this topic. The most important ones, I think, are who's hosting your website, and on what kind of a hosting plan? And what, if anything, did you do to get the cert in the first place?

There are at least two issues going on here. One, as @rg305 has identified, is that your site isn't set up to redirect HTTP requests to HTTPS--so if you don't explicitly tell your browser to go to https://..., it will load the site over HTTP, which is insecure.

The second issue is that the cert, while still valid, wasn't renewed when we'd ordinarily expect that to happen. Let's Encrypt certs are valid for 90 days, and ordinarily renewed after about 60 days by an automated process--obviously that didn't happen here. But without knowing how you obtained the cert in the first place, there really isn't any way to say how you should fix it.


I typed into my browser directly, and my website came up secured. But this is a problem for me because most users will not bother with typing the protocol (https://) into their browsers to access my website. They will just type the Domain Name directly {} into their browsers, and expect the secure website to simply pop out.

Is there a way to ensure that when you type your domain only directly into the browser search bar, it should bring up your secure site automatically?


Yes, that is commonly handled with HTTP to HTTPS redirection.
Basically the HTTP site simply returns a "We have moved; Please come see us at our new address" sign. A sign which reads "HTTPS://{whatever-they-typed-in}".

And with HTTP Strict Transport Security (HSTS) you can make sure any browser already having visited your HTTPS site, will always connect to HTTPS directly and will refuse to connect to HTTP. This can also be "preloaded" into browsers, so browsers will bypass HTTP entirely!

Note that HSTS can break your site if for some reason HTTPS gets disabled or dysfunctional for any reason.

Superficially it looks like a WordPress setup with BBpress to add a forum

so your wordpress setup needs to have it setup for https redirect and the forum can use a wildcard or specialized certificate depending on the needs

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.