Sign in Try for Free
DE

How to Renew TLS Certificates

Apr 3, 2021
1 min read
Borislav Kiprin

In this article:

  1. TLS Certificates Security Assessment
  2. TLS Certificates Vulnerability Information
  3. How to Renew TLS Certificates
Identify TLS Certificates Vulnerabilities in Your Web Apps and APIs
Scan now for free

The domain certificate is expired or will expire closely. An expired certificate will result in error messages for the web application’s users.

TLS Certificates Security Assessment

Security Assessment Renew TLS Certificates

CVSS Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

TLS Certificates Vulnerability Information

The domain certificate is expired or will expire very closely. An expired certificate will result in error messages for the web application’s users. To guarantee secure connections between the users and the web server, request a newly signed certificate with your certificate authority.

Prevention Guide for SSL/TLS Vulnerabilities

Prevention Guide

Learn how to detect and prevent different kinds of SSL/TLS vulnerabilities.

Download

How to Renew TLS Certificates

Use one of the following guides to renew your certificates.

OpenSSL

To generate a certificate signing request for your certificate run:

openssl req -new -key ssl/certificate.key -out ssl/certificate_signing_request.csr

This assumes that your certificate to renew (including private key) is stored inssl/certificate.key. Then submit thecertificate_signing_request.csrto your certificate authority. They will use this request to sign your certificate and provide you with the signed certificate. If the signed certificate is returned to you asnew.crt, you can combine the key and the signed certificate as follows:

cp ssl/certificate.key ssl/new.pem
cat ssl/new.crt >> ssl/new.pem

The resultingnew.pemfile can be copied to your webserver directory to be used in the web application.

Let’s Encrypt

If you are using Let’s Encrypt as your certificate authority, run the certbot renew command:

certbot renew

To enable manual renewal, add the renew command to your crontab by running Sudo crontab -e:

# m h   dom mon dow command
  0 0   *   *   0   certbot renew

This will run the renew command once a week at midnight trying to renew all your certificates.

Get a quick security audit of your website for free now

We are analyzing https://example.com
Scanning target https://example.com
Scan status: In progress
Scan target: http://example.com/laskdlaksd/12lklkasldkasada.a
Date: 23/09/2022
Crashtest Security Suite will be checking for:
Information disclosure Known vulnerabilities SSL misconfiguration Open ports
Complete your scan request
Please fill in your details receive the
quick security audit by email.
Security specialist is analyzing your scan report.
То verify your identity please provide your phone/mobile:
Thank you.
We have received your request.
As soon as your security audit is ready, we will notify you.

Other posts

What is the HTTP.sys Remote Code Execution vulnerability (CVE-2022-21907)
Sep 19, 2022
7 min read
What is the HTTP.sys Remote Code Execution vulnerability (CVE-2022-21907)
What is a port scan attack?
Sep 12, 2022
7 min read
What is a port scan attack?
What is Directory Traversal in Cyber Security
Sep 5, 2022
8 min read
What is Directory Traversal in Cyber Security
Password Reset Poisoning Attack, Types and Prevention Explained
Aug 29, 2022
8 min read
Password Reset Poisoning - Attack Types and Prevention
View all posts