My SSL Certificate Expired...HELP! - WatchTowerHQ
Help with SSL Expiration
11 November 2020

My SSL Certificate Expired…HELP!

Your SSL certificate expired, no big deal right? Wrong. Having a valid SSL certificate for your website is a must. Without it, visitors to your site have an increased risk of having their data stolen. Many browsers will even stop visitors from accessing your site if it doesn’t have a valid SSL certificate. 

Google will flag your site and limit access without a valid SSL Certificate

SSL 101

SSL stands for Secure Sockets Layer, and uses encryption to help protect sensitive information. These certificates include protocols to protect your site from being targeted in phishing scams, data breaches, and other situations that can lead to business loss and damage to your brand. 

The benefits of having a valid SSL certificate can:

  • Secure data traveling between servers
  • Increase your Google search rank
  • Build and enhance customer trust

What Is an SSL Certificate?

An SSL Certificate is a small data file that digitally binds a cryptographic key to an organization. On a web server, SSL activates the https protocol and triggers the appearance of the padlock you sometimes see before the URL at the top of your browser.

SSL Lock Image - URL Bar

The lock in the URL bar shows that a site has an active SSL certificate

Website owners use SSL to protect financial transactions, data transfers, user account details, passwords, and more. 

SSL binds together:

  • A domain, server, or host name
  • An organization’s identity and location

Organizations install SSL certificates to initiate secure browser sessions. Once the connection is established, web traffic between the server and browser will be protected. 

When an SSL certificate is successfully installed, the application protocol (http) will change to https — the “s” stands for “secure.”

Public Key Cryptography

SSL certificates use public-key cryptography to establish secure connections. This kind of cryptography uses a secure shell (SSH) key pair made up of two keys, one public and one private. The public key is configured on a secure server to authorize access to users who have a copy of the private key.  

How Long Are SSL Certificates Good For?

As of September 1, 2020, SSL certificates are valid for 12 months. You should renew your certificates before they expire.

Why Do SSL Certificates Expire?

SSL certificates have expiration dates hard-coded into them to ensure that your encryption is up to date. Almost any encryption can be compromised given enough time. Expiring SSL certificates on a regular basis helps reduce vulnerability from bad actors working to break the encryption.

What Happens When SSL Certificates Expire? 

Expired SSL certificates prevent authentication between servers. When this happens, your website becomes less secure and most browsers will warn visitors away from your site. 

When a user reaches your website, their browser checks for the validity of the SSL certificate almost instantly. If it finds that the certificate has expired, it issues a warning similar to this:

Visitors can decide to continue on to your site despite the warning, but most won’t. Expired SSL certificates also damage organic search ranking on search engines, such as Google, that check for their presence.

How to Renew Your SSL Certificate

To renew your SSL certificate, simply re-purchase it from the SSL provider you originally bought it from. You should renew the certificate before the validity period actually expires.

You can renew your SSL certificates anywhere from 30 to 120 days before the expiration date, depending on your provider. When you have a valid renewal SSL certificate, you’ll need to activate it, validate it, and install it with your hosting provider.

The Business Losses of an Expired SSL Certificate

SSL Certificate Expired - Google Warning

An expired SSL certificate makes you more vulnerable to data theft, which can get you into hot water with customers and impact your compliance with regulations like GDPR and CCPA. It’s also bad for business.

Lost Traffic

When website visitors are greeted with a dire warning about the dangers of accessing your site, most will abandon your site. A recent study revealed that 64% of users said they would immediately leave a site with an SSL security warning…and personally, I’m surprised it’s that low.

Furthermore, the chances visitors will even find your site are reduced. Google and other search engines boost the search ranking of sites that have a valid SSL certificate, so having an expired or missing certificate also damages your chances of appearing in organic search.

Lost Leads

Visitors who leave your site immediately because of an SSL expiration warning won’t have an opportunity to sign up for your newsletter, fill out a web form, or contact you from your contact page. Other prospective customers may bypass the warning and enter your site but may be wary about providing their contact information.  

Referrals can suffer, as well. People who encounter a security warning aren’t going to refer others to your website. Instead, they may actually warn friends and family to avoid it. 

Lost Business

For the small percentage of visitors who will continue through a warning to visit a site without a valid SSL certificate, 46% said they would not enter their name, password, credit card number, or any other sensitive information.

These are understandable responses. When a user’s browser alerts them that a website isn’t safe or that their connection isn’t secure, it’s alarming. No one wants to wind up with malware installed on their computer or have their data stolen. 

Lost Revenue

Companies lose millions of dollars each year thanks to expired SSL certificates. 

A study by Symantec revealed that 90% of customers will stop transactions in process after getting an SSL certificate expiration warning and 72% who planned to make a purchase will leave the site immediately.  

This negative experience is also sure to impact the likelihood of these customers returning at a future date to complete a transaction— most are gone for good. A Ponemon Institute study confirms this predictable outcome. One-third of the study’s respondents vowed to never go back to a site to make any purchase after encountering an expired certificate warning.  

Damaged Credibility

Long-term revenue can also suffer as a result of expired SSL certificates. Established clients who encounter these warnings may lose trust in your company and doubt your credibility. Sites who let their SSL certificates expire are seen as disorganized at best, or at worst, lax on security.

Don’t Let Expired SSL Certificates Damage Your Business

You invest time, effort, and marketing dollars into driving traffic to your site to generate leads and conversions. These tasks often command the most attention from the business, but simple oversights — like expired SSL certificates — can easily undo any gains made from your SEO and marketing efforts. 

It’s easy to overlook a small, but vital, task like renewing your SSL certificates. Getting a tool that helps you manage vital maintenance tasks across multiple sites from a single dashboard makes it easy to stay on top of your renewals. WatchTowerHQ’s suite of site monitoring tools can track your SSL certificate expiration dates and alert you when one is about to expire so you can quickly and easily renew them. 

The risks of letting your SSL certificates expire can be severe: lost business, long-term damage to your credibility, and turning off prospective customers before they even get to your site. Make a plan to monitor and renew your SSL certificates so you can prevent these easily avoided losses.

Book a Demo

Take a deep dive into WatchTowerHQ with a member of our Customer Success Team.

Sign up here