WordPress SSL Certificate Expired? How To Fix It In 15 Minutes (2026)

Q: How do I check when my WordPress SSL certificate expires?

In Chrome, click the padlock icon in the address bar, then Connection is secure, then Certificate is valid. This shows the exact expiry date. Use UptimeRobot or SSL Labs for proactive monitoring and email alerts before expiry.

Q: Will my WordPress site traffic come back after fixing SSL?

Yes, but recovery takes 3-14 days for Google to recrawl. The faster you fix it, the less ground you lose. Submit your sitemap in Search Console to speed up recrawling if the cert was expired for more than a week.

Q: Why did WordPress SSL auto-renewal fail?

Most common reasons: the renewal email went to spam, the payment card expired, or the host's auto-renew cron job failed silently. Set a calendar reminder 30 days before expiry and verify manually each year.

Q: What is the difference between renewing and reissuing an SSL certificate?

Renewal extends the expiry date on the same certificate for the same domain. Reissuing creates a new certificate -- required when the domain name on the cert is wrong, you added a subdomain, or you suspect the private key was compromised.

Tested: WordPress 6.7 · Dreamhost, GoDaddy, SiteGround, Cloudflare |
Updated: March 2026 |
By: Liza Kliko

🔴

Site down right now?

Skip straight to Step 1: Renew your certificate — the fix takes 5–15 minutes depending on your host. Come back and read the full guide once your site is back up.

Quick Answer — How to Fix an Expired WordPress SSL Certificate

To fix an expired SSL certificate in WordPress, follow these three steps:

Renew the SSL certificate via your hosting control panel or registrar
Force HTTPS in WordPress Settings → General (update both URL fields to https://)
Clear all caches — your caching plugin, Cloudflare, and your browser

The full renewal process takes 5–15 minutes on most hosts. If you still see browser warnings after renewing, you likely have a mixed content error — HTTP resources loading on an HTTPS page. Install the Really Simple SSL plugin to fix this automatically.

TL;DR

WordPress SSL Expired — Everything You Need to Know

The Fix (3 steps)

Renew via your host’s control panel or Cloudflare
Force HTTPS in WordPress → Settings → General
Clear cache — plugin cache + Cloudflare + browser

If still broken after renewal

Mixed content: install Really Simple SSL
Certificate not propagating: wait up to 24 hours
Wrong domain on cert: reissue, don’t just renew
Dreamhost / GoDaddy: use Let’s Encrypt, it’s free

SEO impact: Google drops HTTPS sites fast when SSL expires. Renewing within the same day limits ranking damage. Waiting more than a week risks losing positions that take months to recover.

An expired SSL certificate is one of those WordPress emergencies that feels catastrophic but is almost always fixable in under 15 minutes. Your site isn’t hacked, your content isn’t gone — your certificate simply reached its expiry date and wasn’t renewed automatically.

I’ve dealt with this on client sites more times than I’d like to admit, usually because the auto-renewal failed silently: the email went to spam, the credit card on file expired, or the host’s auto-renew simply didn’t trigger. Whatever the cause, the fix process is the same. This guide walks through it host by host, covers the mixed content errors that show up after renewal, and ends with how to set up monitoring so this never happens again.

Diagnosis

What the Browser Error Is Actually Telling You

Browser Error	What It Means	Fix
Your connection is not private · `NET::ERR_CERT_DATE_INVALID`	Certificate has expired — the most common case	Renew the certificate (Steps 1–3 below)
`NET::ERR_CERT_COMMON_NAME_INVALID`	Certificate is valid but issued for a different domain	Reissue the certificate with the correct domain(s)
`ERR_SSL_PROTOCOL_ERROR`	SSL handshake failed — usually a server configuration issue	Contact your host — this is server-side
Padlock with warning triangle · “Not fully secure”	Certificate is valid but page contains mixed content	Mixed content fix — Step 3 below

How to confirm it’s actually expired
In Chrome: click the warning → click “Not secure” in the address bar → Certificate is not valid. This shows you the exact expiry date.

The Fix

How to Fix an Expired WordPress SSL Certificate: 3 Steps

Renew the SSL Certificate at Your Host

⏱ 2–10 minutes · Done in your hosting control panel

The renewal process differs by host. Here’s the exact path for the most common ones:

Dreamhost: Websites → Secure Certificates → Add / Renew HTTPS → Let’s Encrypt.
GoDaddy: My Products → SSL Certificates → Manage → Renew.
SiteGround: Site Tools → Security → SSL Manager → Get Free SSL.
Cloudflare: SSL/TLS → Edge Certificates → Re-enable Universal SSL.

Force HTTPS in WordPress Settings

⏱ 2 minutes · WordPress Admin → Settings → General

Go to WordPress Admin → Settings → General
Update both WordPress Address (URL) and Site Address (URL) to https://
Click Save Changes

Fix Mixed Content Errors and Clear All Caches

⏱ 5–10 minutes · The step most people miss

The fastest fix: Really Simple SSL plugin. It automatically rewrites all http:// references to https:// in your page output. Install it, activate it, and click Activate SSL. Then clear your caching plugin, purge Cloudflare if you use it, and do a hard refresh in your browser (Ctrl+Shift+R / Cmd+Shift+R).

FAQ

Frequently Asked Questions

How do I check when my WordPress SSL certificate expires?

In Chrome, click the padlock icon in the address bar → Connection is secure → Certificate is valid. This shows the exact expiry date. For proactive monitoring, use a free service like SSL Labs or UptimeRobot — they send email alerts before the expiry date, not after.

Will my WordPress site traffic come back after fixing SSL?

Yes, but there’s a recovery lag. Google needs to recrawl your pages, which typically takes 3–14 days. Rankings will return, but the faster you fix it the less ground you lose. If your cert expired for more than a week, expect a slower recovery and consider submitting your sitemap in Search Console to accelerate recrawling.

Why did WordPress SSL auto-renewal fail?

The three most common reasons: (1) the renewal notification email landed in spam, (2) the payment card on file expired, (3) the host’s auto-renew cron job failed silently. Set a calendar reminder 30 days before expiry and verify the cert date manually each year. For Let’s Encrypt certificates (90-day validity), make sure your host’s auto-renewal script actually runs — check your cPanel or Plesk logs.

What is the difference between renewing and reissuing an SSL certificate?

Renewal extends the expiry date of the same certificate for the same domain. Reissuing creates a new certificate — required when the domain name on the cert is wrong (NET::ERR_CERT_COMMON_NAME_INVALID), you have added a subdomain, or you suspect the private key was compromised. If you see the “wrong domain” error, renewing will not fix it. You need to reissue.

How do I prevent WordPress SSL from expiring again?

Switch to Let’s Encrypt (free, 90-day certs with auto-renewal built into most hosts). Enable email alerts from your host for renewal events. Add an external SSL monitoring service like UptimeRobot or Better Uptime that emails you 30 days before expiry. And store your host billing card in a place that gets updated when you replace your physical card — expired payment methods are the most preventable cause of missed renewals.

WordPress SSL Certificate Expired? How to Fix It in 15 Minutes (2026)