My certificate won't renew — "cannot renew free SSL"
Free Let's Encrypt certificates are valid for 90 days, and on the Free plan renewal is manual: you re-verify your domain and re-install the certificate, the same way you did the first time. The plugin emails you 30 days before expiry.
Renewal checklist (Free plan):
- Open SSL Zen in your WordPress admin. If your certificate is within 30 days of expiry you'll see a Renew option — click it. If the certificate has already expired, the plugin restarts from Step 1; that's normal.
- Re-verify your domain at Step 2. If your old
.well-known/acme-challengefolder still exists from last time, delete the old files first — Let's Encrypt issues a *new* verification file for every renewal, and a stale file is the most common cause of "cannot renew." - Verification results are valid for about 30 days. If you renew within 30 days of your last verification, Step 2 may be skipped automatically.
- Download the three new files at Step 3 (
certificate.crt,cabundle.crt,privatekey.pem) and install them replacing the old ones in your hosting panel. Installing the new certificate but keeping the old private key is the second most common failure — always replace all files together. - Complete Step 4 so HTTPS redirection stays active.
If renewal keeps failing: check the rate-limit article (5 identical certificates per week maximum), and confirm your site's A record still points at your server. If you'd rather never do this again, the Premium plan renews automatically every 60 days with no action from you.