1. Home
  2. Hosting Tools
  3. SSL Certificates
  4. How does automatic SSL Certificate renewal work with WPX?

How does automatic SSL Certificate renewal work with WPX?

This article will explain SSL certificate renewals and issues that may occur when requesting a renewal. The SSL certificates installed from the WPX control panel are free and provided by Let’s Encrypt. Those certificates are automatically renewed.

SSL Certificate Renewal Period

The SSL certificates provided by Let’s Encrypt are valid for 90 days. They are automatically renewed by our system every 2 months and a half to avoid any manual work.

Configuration issues preventing automatic SSL renewal.

Some issues may occur when trying to renew your SSL certificate due to your site’s configuration. You will receive an email for the failed renewal attempt to your WPX account email address. Let’s take a look at the possible reasons for renewal failure.

We will address the main configurations that may prevent your SSL certificate from automatic renewal.

Website redirects

If you have a redirect set to redirect your site to another URL e.g. (301/302 redirects), the SSL may not be renewed automatically.

To successfully renew your certificate, you will need to remove the redirect code or rule from your configuration file (.htaccess) or your redirect plugin (if you are using one).

Using third-party CDN providers

If you are using third-party CDN providers such as Cloudflare.

This is a guide that will help you configure your website with Cloudflare and successfully renew your SSL certificate.

Domain forwarding.

If your domain is set to forward to a different URL in your domain registrar, the SSL certificate cannot be renewed automatically.

Domain Forwarding option will do the same as .htaccess / plugin redirects but on a Registrar level. You will need to remove Domain Forwarding from your domain options to renew the SSL certificate for your website successfully.

DNS configuration

Missing DNS records to point the website to the correct IP Address (A records/ NS records).

To be able to use the SSL certificates provided by us, and renew those automatically, the domain name should be pointed to WPX hosting. By default, the SSL certificates are installed for the @ (same as domain) and the www version of your website. If some of the A records are pointed to a different provider (such as Shopify), your SSL certificate cannot be automatically renewed. In such cases, you can use a custom SSL, to install it on the website that is pointed to us.


Having DNSSEC enabled in your domain registrar is an option for hiding Who.IS information and additional security on your domain on a registrar level.

DNSSEC does not work properly with Let’s Encrypt SSL certificates. You will need to disable that option from your domain registrar to complete the renewal of the SSL Certificate.

If you get stuck with anything discussed on this page, please get in touch with the WPX Support Team via live chat (use the bottom right-hand widget) and they will respond and help within 30 seconds or less.

Was this article helpful?

Related Articles

Need Support?
Can’t find the answer you’re looking for? Don’t worry we’re here to help!
Contact Support