Home / Tools / Install and verify a valid SSL certificate
DNS Security · Scan Check Guide

Install and verify a valid SSL certificate

15 min Impact: high Effort: low ✓ Scan-verified — no manual checkbox

SSL/TLS certificates expire on a fixed schedule (often 90 days for free certificates like Let's Encrypt) — when one lapses, every visitor sees a full-page "your connection is not private" warning instead of your site, with no way to click through easily on modern browsers.

An expired SSL certificate makes your site inaccessible — browsers block it with a full-screen warning and Google deindexes it. Certificates should be set to auto-renew.

How to fix it

  1. 1
    Check your current certificate's expiry date
    Visit your site in a browser, click the padlock icon, and view certificate details — or use an SSL checker tool.
  2. 2
    Confirm auto-renewal is actually configured
    Most modern hosts and Cloudflare auto-renew certificates, but this can silently fail if DNS records changed or a renewal check bounced.
  3. 3
    Set a calendar reminder as backup
    Even with auto-renewal, a reminder a week before expiry catches the rare case where automation fails.
  4. 4
    If expired or expiring, renew immediately
    Through your host's SSL settings or certificate provider — this is usually fast once triggered.

Common mistakes

How you'll know it's done

Your certificate has more than 30 days remaining before expiry, and auto-renewal is confirmed active.

Tools that help

H.I.V.E. checks this automatically

Fix it, then re-scan — the check confirms itself. No manual checkbox, the scan is the truth.

Run this check in H.I.V.E. →