Need to renew a client cert - don't have login

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. |, so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command: I have no access to run it - it's a client's site and the cert is expired

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Answer the rest of the questions, please. We have no way of helping with the domain name alone.

We also need to know how the first certificate was obtained.


The only people who can fix an expired certificate are the people who do have access.


You obviously need to have some access to the site. Maybe a control panel?

Let's Encrypt does not have access to your site nor can it somehow renew the certificate on its own.


Whoever created the site got it. I can send you a screen shot of the certs if that will help

It is expiring in 23 days. However, it says it has an expired root and the site can not be accessed.

I’m sorry, I don’t even know what those questions mean. I have never dealt with SSL before. I would answer them if I could but perhaps the cert numbers will help

Ok, if you don't know how it was created you need to check if there's an acme client somewhere.

It doesn't. It says it's revoked. I'll go out on a limb and say it's a bitnami wordpress. Read here if it is:

Good to know. Doesn't help tho!!

Someone else created the site for my client. The client knows nothing about it. I know nothing about it. I can just go somewhere else and buy a new one I guess.

Guess I'll go somewhere else then. Thanks

I can access the site through WP admin. Except I can't get in because it says there's an issue with the root cert so it's blocking me.

That website lives on a virtual machine inside somebody's Amazon Web Services account. This somebody is paying for the machine and has access to it. You must discover who this is or there is nothing you can do about the certificate or website.

1 Like

Can't I just get a new one somewhere else?

If you want to replace the entire website, you can point the domain name to a different IP address.

Assuming you have access to the DNS panel for that domain name.

1 Like

Why would I need to replace the website? I know where it's hosted and have access to the back end of the site.

Ok, do you have access to the shell of the machine hosting the website?

Because that's what you need to replace/renew that certificate, using the procedure I linked above.

1 Like

Those browser warnings can be overridden. Click on "advanced" or something similar and make an exception.

Getting a certificate usually is the easy part. Without access to your sites configuration (shell access as root or a control panel), you won't be able to actually install the certificate. Heck, you could buy a new certificate for many $$$, but you won't be able to use it. So with that in mind, it doesn't matter whether you get a new LE cert or go somewhere else.


Unless HSTS comes into play, I guess. (search "bypass hsts in «yourbrowser»" if you don't see where to add the exception -- and immediately forget how to do this)

1 Like

You know, I've never dealt with an SSL cert before, and I'm following the instructions and the link that the host gave me and told me to follow. I might as well be in a foreign county, because I know nothing about this. Either does my client. It's past 7:30 on a Friday night and I've been trying to get this solved all day. So I'd really appreciate it if you kept your sarcasm to a minimum. I came here for help because there's no way to contact an actual person and explain what has happened. I am admittedly completely ignorant, but I didn't ask for this problem to fall in my lap. It did. Instructive help would be appreciated. If there is none, there is none. I'll solve it some other way. But don't be rude.