How do I renew an SSL certificate?


I am using Cloudflare and SSL from Letsencrypt for my site and SSL certificate is going to be expired soon, I had a question here Options for Renewing Certificates with CloudFlare Proxying Enabled - Help - Let's Encrypt Community Support but they are saying that my SSL is being handled by Cloudflare, it should be solved from Cloudflare.

So, how can I renew SSL certificate for my site? what is the best way to do this?

I am sure more people are using Cloudflare and SSL from Letsencrypt, I look forward to having a best solution for this, like to know both ways manually or automatically renew SSL.


As far as I can see your certificate (on Cloudflare) have already been renewed. Cloudflare handles certificate renewal automatically.

1 Like

How did you create your Let’s Encrypt certificate in the first place? That should be part of your solution.

On my Ubuntu Apache server(s), I use Certbot:

And have a crontab entry that runs daily to update any almost-expired certs:

15 3 * * * /usr/bin/certbot renew --quiet

1 Like

Your Cloudflare Universal SSL certificates will automatically renew as long as you are using our Name Servers authoritatively for your domain, or your WWW subdomain is orange-clouded. These methods allow us to automatically verify the Universal SSL certificate renewal for your domain.

If it is your letsencrypt certificate that is expiring, you’d need to renew this as @sdayman explained.


I know Cloudflare will be automatically renewed but the problem is I used Letsencrypt from my hosting control panel and how when my Letsencrypt ssl is expire.

I created it from my hosting control panel. Do some configurations and I could enable Let’s Encrypt for my site.
I don’t think I need to recreate a new Let’s Encrypt ssl to renew or that will not work.

Do i need to install Certbot and this will renew my SSL certifications?

Thanks you guys!

OK - so renew LetsEncrypt certs behind Cloudflare you’ll need to use DNS or “Webroot” based verification. There’s some information on this here:

I also note that certbot has added Cloudflare support which means it will automatically complete DNS verification for your LetsEncrypt cert renewal via the Cloudflare API. I couldn’t find full documentation on this, but you can see the commit in the latest version here:

So I would consider installing the latest version of certbot and trying it with the --dns-Cloudflare option.