Hello there!

The client already has hosting and a domain, and Let's Encrypt is available for free during the first year. However, it requires updates every three months. On the other hand, I usually use Fornex because they extend everything themselves without any cost.

Would it be necessary for me to go to the control panel every three months and manually update the certificate by installing a new one and deleting the old one? And would I also need to pay for it once a year, otherwise the website will lose its HTTPS?

By the way, there are hosting options that allow the renewal of the certificate at least once a year.

For those who use shared web hosting instead of VPS, the leading control panels have a let's encrypt plugin that can automate the updating process. However, if the control panel has not been updated for years or if it is custom-made, there might be no such item available on the panel.

Also, about the fee, Let's Encrypt itself is free, but there might be additional charges. The free certificate for a year could be from another vendor that was used before the widespread introduction of Let's Encrypt.

When updating the SSL certificate, it's only necessary to replace the old one with the new one and re-read the Apache or Nginx configuration. Before that, I always make sure to copy the old certificate just in case. There's no need to do anything else.

Sometimes, the browser might show the old certificate. However, a simple page refresh or closing and reopening the site will update the certificate in the browser. It's not necessary to clean out cookies and cache.

I can attest that this method works 100% because I have almost all Let's Encrypt certificates, which are updated constantly.

Let's Encrypt, as a free and widely accessible option, provides an excellent means of securing a website with HTTPS. However, it does require regular certificate updates every three months to maintain its validity.

Managing Let's Encrypt certificates typically involves manual renewal through the hosting control panel. This process includes installing the new certificate and removing the old one, which can be a recurring task demanding attention and care. Neglecting to update the certificate in a timely manner can lead to an interruption in HTTPS service, potentially impacting user trust and site credibility, as modern web browsers actively signal lack of security with unencrypted connections.

On the other hand, hosting providers like Fornex offer the advantage of handling certificate renewals automatically, eliminating the need for manual intervention. This not only streamlines the administrative burden but also provides a consistent and reliable approach to maintaining secure connections for the website.

When considering SSL/TLS certificate management, it's crucial to understand the implications of renewal frequency. While Let's Encrypt may offer free certificates, the trade-off is the requirement for more frequent updates. Conversely, hosting providers like Fornex may extend the expiration timeline for certificates, enabling less frequent manual intervention.
The decision to choose Let's Encrypt or a hosting provider like Fornex involves balancing the value of free certificates against the convenience of automated renewals. Ultimately, ensuring a secure and seamless user experience on your website calls for careful consideration of the certificate renewal process and its alignment with your resources and operational objectives.

To renew an SSL certificate, generate a new CSR, submit it to your certificate provider, complete the validation process, and then install the renewed certificate on your server.

To renew an SSL certificate, log in to your hosting or certificate provider's account and generate a new CSR.
Then, validate the domain and install the renewed certificate on your server to restore secure HTTPS connections.