How do I renew an SSL certificate?



I am using Cloudflare and SSL from Letsencrypt for my site and SSL certificate is going to be expired soon, I had a question here but they are saying that my SSL is being handled by Cloudflare, it should be solved from Cloudflare.

So, how can I renew SSL certificate for my site? what is the best way to do this?

I am sure more people are using Cloudflare and SSL from Letsencrypt, I look forward to having a best solution for this, like to know both ways manually or automatically renew SSL.



As far as I can see your certificate (on Cloudflare) have already been renewed. Cloudflare handles certificate renewal automatically.


How did you create your Let’s Encrypt certificate in the first place? That should be part of your solution.

On my Ubuntu Apache server(s), I use Certbot:

And have a crontab entry that runs daily to update any almost-expired certs:

15 3 * * * /usr/bin/certbot renew --quiet


Your Cloudflare Universal SSL certificates will automatically renew as long as you are using our Name Servers authoritatively for your domain, or your WWW subdomain is orange-clouded. These methods allow us to automatically verify the Universal SSL certificate renewal for your domain.

If it is your letsencrypt certificate that is expiring, you’d need to renew this as @sdayman explained.


I know Cloudflare will be automatically renewed but the problem is I used Letsencrypt from my hosting control panel and how when my Letsencrypt ssl is expire.

I created it from my hosting control panel. Do some configurations and I could enable Let’s Encrypt for my site.
I don’t think I need to recreate a new Let’s Encrypt ssl to renew or that will not work.

Do i need to install Certbot and this will renew my SSL certifications?

Thanks you guys!


OK - so renew LetsEncrypt certs behind Cloudflare you’ll need to use DNS or “Webroot” based verification. There’s some information on this here:

I also note that certbot has added Cloudflare support which means it will automatically complete DNS verification for your LetsEncrypt cert renewal via the Cloudflare API. I couldn’t find full documentation on this, but you can see the commit in the latest version here:

So I would consider installing the latest version of certbot and trying it with the --dns-cloudflare option.