1. Home
  2. Security
  3. SSL
  4. Let's Encrypt
  5. Why do Let’s Encrypt Certificates Only Last 90 Days?

Why do Let’s Encrypt Certificates Only Last 90 Days?




WP Enthusiast

WP Professional

WP Professional Plus

Let’s Encrypt certificates last 90 days and will need to be renewed after the certificate expires. If you host with Pair Networks and you have Let’s Encrypt enabled on your domain, our system will automatically attempt to renew it.

We’ve added this auto-renew feature for your convenience; you never have to worry about forgetting to renew your Let’s Encrypt certificate. However, you may be wondering why Let’s Encrypt certificates only last 90 days since you have probably seen certificates offered in yearly form.

Let’s Encrypt certificates only last for 90 days for a few reasons. The first reason is in the case that your certificate’s key is compromised. If this happens, your site is opened up to vulnerabilities. Having a certificate that expires after 90 days will reduce the chances of someone exploiting any vulnerabilities that may occur.

The second reason Let’s Encrypt expires after such a short time is to minimize the impact of mis-issued certificates.

The short life of these certificates prompted us to create an auto-renewal feature for our customers using Let’s Encrypt. That way, you are never left without a certificate.

The automatic Let’s Encrypt certificate generation may fail if you have made changes to your domain’s DNS. See our Troubleshooting: Let’s Encrypt Keeps Failing on My Domain article for more information.

Updated on February 26, 2020

Was this article helpful?

Related Articles

Need Support?
Can't find the answer you're looking for?
Contact Support