Renewing non-expired certificate


#1

Hello, I have applied for the SSL certificate, which is not expired yet. What will happen if I apply for the certificate again? What is the difference between renewal and reapplication without renewing the certificate at the end of each application? If it does not reach the first 30 days of expiry date, what will it be like to renew the contract?


SSL Renewal ISSUE
#2

Hi,

The new certificate will count against the rate limit (of weekly certificates).

The renewed certificate are in the same place as before, means if you are using an application that need to specify certificate path and private key path, you’ll just need to reload / restart the software after renewal.

However, the reissue / issue a new certificate will create another pair of certificate, which means you probably need to dive inside the configuration of softwares that use the certificate and reconfig the server, which might cause additional issues.

Also, the renewal normally could be set as a cron / systemd timer job that automatically execute, and would produce less outputs than a regular issurance process. (Which is better if your server will email every executed cron logs to your email address)

You could renew at anytime you wished, you’ll just need to make sure you don’t hit the rate limit.

Ref: Let’s encrypt rate limit

Hope this explains.

Thank you


#3

Can you explain what software you’re using, and which actions you can take? What do you mean by “renewal” and “reapplication” and what’s the difference?

On a low level, there is very little technical difference between different ways to issue a new certificate.

The differences are mainly in how the software you’re using manages certificates, and how different buttons and commands might affect it


#4

If do you mean new SSL for the website, it doesn’t matter, better if your site doesn’t get a penalty for SSL certificate absence, so try to do it as earlier as possible