How do 2-5-year SSL Certificates Work?


From August 18, 2020, the maximum SSL certificate validity of an issued SSL will be limited to 1 year (398 days) following new requirements announced by a number of major web browsers. Read more about the change here.


You may have noticed that if you purchase a 2–5-year SSL certificate, the certificate you are issued is only valid for 1 year. Don’t worry, this isn’t an error. This is in keeping with new requirements announced by a number of major web browsers in February 2020.

An SSL of more than 1-year is basically a prepay option that gets you the lowest price possible for your SSL. Typically, buying an SSL for more years gives you a bulk discount. It also protects you against industry price rises. 

When you purchase an SSL of more than 1 year you will still be able to use the full period you’ve paid for through the reactivation process.

What is “reactivation”? 

The reactivation process is the same as activating an SSL before installing it on your website. Through reactivation you will be able to use the remaining period you paid for and get a new SSL issued for the period of maximum validity Certificate Authority supports (currently 1 year). You will get an email reminder to issue a new SSL 30 days before the previous one expires. You need to re-install the new certificate on your server.

What happens if you don’t reactivate

If you don’t reactivate, your SSL initially issued for 1 year will expire. Your website will no longer have encryption protection and your site will be flagged as “Not secure”. The certificate status in your dashboard will change to “Paused”. To restore the secure connection, you need to issue another SSL for free and reinstall it on your website. 

If you reactivate and install a new SSL before your initially issued SSL expires, your certificate status will not switch to “Paused” and you will not experience any service interruption.

How to reactivate

30 days before your 1 year SSL is due to expire, you’ll get an email reminder. The option to reactivate will be also available in your user account’s dashboard. When it’s time, click the “Reactivate” button and follow the system guidance steps. 

Once reactivated, you will either get a new pause date if you still have pre-paid time left on your SSL, or expiration date, which is when you’ll need to renew your SSL next.

How is “reactivate” different from “renew”? 

When you reactivate, you get a new SSL issued within the period you already paid for. Once this paid period is over, you will need to renew the whole SSL — which means paying once more for another period of your choice.

Both actions involve sending activation requests to the Certificate Authority, getting an SSL issued, and installing the issued SSL on your site. Whether you need to reactivate or renew your SSL, you will get an email reminder from us and will be guided through the corresponding process.