SSL Zen Help Center
← Back to Help Center

My certificate won't renew — "cannot renew free SSL"

Last updated July 2, 2026 · Renewals

Free Let's Encrypt certificates are valid for 90 days, and on the Free plan renewal is manual: you re-verify your domain and re-install the certificate, the same way you did the first time. The plugin emails you 30 days before expiry.

Renewal checklist (Free plan):

  1. Open SSL Zen in your WordPress admin. If your certificate is within 30 days of expiry you'll see a Renew option — click it. If the certificate has already expired, the plugin restarts from Step 1; that's normal.
  2. Re-verify your domain at Step 2. If your old .well-known/acme-challenge folder still exists from last time, delete the old files first — Let's Encrypt issues a *new* verification file for every renewal, and a stale file is the most common cause of "cannot renew."
  3. Verification results are valid for about 30 days. If you renew within 30 days of your last verification, Step 2 may be skipped automatically.
  4. Download the three new files at Step 3 (certificate.crt, cabundle.crt, privatekey.pem) and install them replacing the old ones in your hosting panel. Installing the new certificate but keeping the old private key is the second most common failure — always replace all files together.
  5. Complete Step 4 so HTTPS redirection stays active.

If renewal keeps failing: check the rate-limit article (5 identical certificates per week maximum), and confirm your site's A record still points at your server. If you'd rather never do this again, the Premium plan renews automatically every 60 days with no action from you.

Still need help?

Can't find what you're looking for? Our team will get you sorted.

Contact support