If SSL certificates provided by AutoSSL need to be reissued, AutoSSL detects if the certificates have been revoked and orders new ones to replace them during the next automated AutoSSL run. You can also manually renew certificates prior to the next automated run.
Manually renew AutoSSL certificates for all users
Follow these steps to manually renew the certificates for all users:
1. Connect to the server as the root user via SSH, then run this command:
If you are unable to access the server via SSH, start a new AutoSSL check in WHM at SSL/TLS > Manage AutoSSL and select Run AutoSSL For All Users.
2. Once the certificates have passed their validation-checks, trigger their installation with this command:
Manually renew AutoSSL certificates for a single cPanel user
There are 3 ways to renew the AutoSSL certificates for a single user:
1. Navigate to WHM > SSL/TLS »Manage AutoSSL and click Manage Users, then click "Check 'username'" next to the user.
2. Log in to cPanel as the user, navigate to cPanel > Security > SSL/TLS Status, then click "Run AutoSSL".
3. Log in to the server as root via SSH or use the WHM Terminal and run the following command, substituting "username" with the cPanel account's username:
Manually renew a certificate before it is revoked
To renew a certificate prior to its revocation, delete the existing SSL certificate via one of these methods:
- In WHM: Go to WHM>>SSL/TLS>>Manage SSL Hosts -> Delete the affected certificate
- In cPanel: Go to cPanel>>Security>>SSL/TLS -> Manage SSL Sites -> Delete the affected certificate
- On the command-line:
whmapi1 delete_ssl_vhost host=example.com(replace example.com with the affected domain)
Then force an AutoSSL run via one of these methods:
/usr/local/cpanel/bin/autossl_check --user(replace user with the affected user)
- In WHM: go to WHM > SSL/TLS > Manage AutoSSL>Manage Users and select Check "user" (replace "user" with the affected user)
- In cPanel: go to cPanel>>Security>>SSL/TLS Status -> Run AutoSSL