Need to renew my SLL certificate

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. |, so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command: my certificate is expired I need to pay to renew

It produced this output: need to renew cert

My web server is (include version): microsoft edge google chrome

The operating system my web server runs on is (include version): 10

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): i don't know

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): n/a

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

No, you don't--Let's Encrypt certs are always free. But since you've told us nothing at all about how you got the cert, we can't really tell you how to renew it.

There are a few other relevant questions: (1) is this actually your website? Because if it isn't, you won't be able to renew anything; you'll need to get in touch with the site owner to do so. (2) Where do you have this site hosted, and what kind of hosting do you have? If is operating the site, they should be able to renew the cert. (3) The cert for this domain expired almost three months ago--why is it a problem today, rather than four months ago when you ordinarily would have been notified (if it is in fact your site) that the cert was expiring)?


I honestly do not know how. I was told by Turbify we had rackshack then they told me it was tucows. After more digging I am told it is held with lets encrypt. If it was free then it would not have expired 1/31/23. I am a total novice. I just need to get my website ssl cert renewal so my customers can go onto my webiste without warning it is possibly unsafe.

1 Like

it is my website it is my company I am the owner

1 Like

The cert didn't expire 1/31/23; it expired 5/1/23. And that has nothing to do with it being free, nor does it have anything to do with any hosting plan you may have, whoever it may be with.

...and you've just come to this realization now, nearly three months after the cert expired?

If you don't know who's hosting your website or how, I don't know there's much we can do to help you. If you do know who's hosting it (Tucows is a very old name on the Internet, but my familiarity with them is from long before they started doing web hosting), I'd get in touch with their support to see what they need to do to renew your cert.


I have tried they do not answer any of their lines. Tried all prompts. left a message last Thursday to a person I could only find putting in first 3 of a last name. Was my only hope to try to get someone.

also my validity period with lets encrypt states May 1, 2023 as expired date. So, again if its free then wy the expiration date?

Many hosting companies setup an easy way to get certs from Let's Encrypt. The process must be repeated every 60 days or so as the certs are only good for 90 days. So, your automated renewal is failing.

If your hosting company doesn't do this the other way is to run a program to get a cert. But, this needs server admin privileges and skills.

All certs have expiration dates. Let's Encrypt are 90 days but the max from anyone is just over a year and the trend is for even shorter lived certs that are renewed frequently.


I created my website in 2008

There are many Certificate Authorities like Let's Encrypt that issue certs.

You got a cert from cPanel Inc earlier this year, for example. But, it is also expired.

Given this history it looks like something changed in Feb of this year. Perhaps some new admin system at your hosting company. Or, maybe you changed hosting plans.

Your hosting company is the right place to look for further help. I don't think you have the technical skills to perform the system admin tasks needed to get / configure certs on your own.

Maybe this topic will help you understand more about Let's Encrypt

Your recent history


Wait a minute. I just realized your server is using the cert issued Jan31.

But, as your cert history shows, you got multiple certs since then. The server handling your domain name is not using them.

You should talk with your hosting company about using the cert from Jun24 which does not expire until Sep22



Thank you so very much!! I think that would be Turbify. I am logged in but yes very green at this.

I sure do appreciate all the info you have told me. I am crossing my fingers hoping this third time calling Turbify will be the charm.

I do not want to loose any customers.

Thank you again!!!!


I hope that knowing more about the different roles involved may reduce confusion when you continue dealing with the support staff.

  • Domain registrar: The company that you pay for your domain name (to cause you to be, and continue to be, the owner of this name on the Internet). It looks like this is Tucows, although they have a business relationship with Turbify as a reseller, which means your actual contract may be with Turbify rather than Tucows.

  • DNS provider: The company that provides the service of translating your domain name (, used by human beings) into a numerical IP address (, used by computers to connect to your web server). This is usually the same as one of the other roles, but it does not have to be. In your case, this appears to be Turbify.

  • Hosting provider: The company that operates your web server (a computer that stores your web content, sends that content to Internet users who request it, and, in the case of a web store, collects order information from customers). In your case, it appears that Turbify is performing this role, using physical computers that they rent from Rackspace (whose business is, well, operating physical computers in data centers, and renting them out to people and companies who have a use for them).

  • Certificate authority: The company that issues a digital certificate that confirms to the public that they're making a secure connection with the site actually operated by the domain owner. This prevents some kinds of attacks that Internet service providers could otherwise perform to spy on Internet end users. The certificate authority, in current practice, commonly confirms this by communicating with software on the hosting provider's systems, and then issues a digital certificate which is valid for some period of time. Before the end of that time period, a new certificate has to be requested ("certificate renewal"). Ideally, this process can be fully automated, but the automation could fail if nobody bothered to set it up, or if some settings have changed in one place without being updated in another place. In your case, this appears to be Let's Encrypt.

Let's Encrypt is a completely automated certificate authority which operates on a not-for-profit basis. The certificates are always free of charge, but they do have an expiration date, which is an industry requirement. Another industry requirement is that the certificate authority must check, by technical means, that you still control the domain name listed in the certificate, before issuing a new certificate, even as a replacement.

That process should happen automatically but seems to be failing to happen automatically in your case, for a reason that we don't know yet. It seems most likely that Turbify is responsible for the software that obtains the certificates, and that they have to fix the configuration of that software. (Unless you have a memory of going through some manual process to request the original certificate, and then providing the resulting certificate to Turbify somehow.)

Another thing to know is that Let's Encrypt's automation means that your certificate is not issued by a human being, and the decision to issue or renew it isn't made by a human being, so there's no person to convince or persuade that the certificate should be renewed. All of that is done exclusively through software, which is why we have the emphasis on finding out who is responsible for the software in question and getting them to fix its configuration. :slight_smile:


It is. Tucows is primarily a registration wholesaler that sells to resellers. The reseller is identified toward the end of the whois output provided by the Tucows whois server.

Registration Service Provider:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.