fix guide · public browser check + paid fix

ssl certificate expired — site is down or showing tls error

the certificate that proves your site is your site has expired. usually fixed in under an hour with no downtime if caught quickly.

ssl certificates expire on a schedule and the system that renews them sometimes does not. when this happens, visitors get a full-page warning that almost always makes them leave. the fix itself is fast — usually under an hour — but it only works if you can get to the renewal control panel. if the renewal failed because dns broke at the same time, or because you changed hosts and the old auto-renewal stopped running, the fix takes longer.

what this looks like to a visitor

chrome / firefox / safari show 'your connection is not private'
visitors get a full-page tls warning and bounce
google search console reports a tls error
you have to click 'advanced' and 'proceed' to see the site

what a public browser check can see

current certificate and expiry

we connect on port 443 and read the certificate. we report issuer, common name, subject alt names, and the expiry date. you see immediately whether it is expired and by how long.

renewal hint

we report what authority issued the cert. let's encrypt certs renew every 90 days; commercial certs are 1–2 years. that tells you which renewal path to take.

dns and host

we check your dns and whether your host is the same one that issued the cert. domain transfers and dns changes are the most common cause of renewal failure.

fallback plan

if the cert is expired but your origin is still reachable, the fix is fast. if dns is also broken, you have a bigger problem. the public check tells you which.

we do not log into your site. we do not scrape customer data. we open your public homepage in a real browser session and report what we see. no security claims unless we can prove them from the public surface.

the deeper picture

the four common causes: (1) let's encrypt cron broke. happens on shared hosts that lose the renewal job during a maintenance window. host support fixes it but you have to file the ticket. (2) domain expired. if your domain registration lapsed and was renewed late, the cert renewal will have failed too. fix: renew the domain, then re-issue the cert. (3) you moved hosts. the old host had auto-renewal, the new host does not, nobody set it up. fix: set up renewal on the new host, then test by lowering the cron threshold so you see it run. (4) you changed dns to a new cdn or registrar and the renewal challenge can no longer reach your origin. fix: get the cdn out of the way temporarily, renew, put cdn back.

fix it yourself

if you are on a managed host with auto-renewal (wix, squarespace, shopify, kinsta), open the host dashboard, find ssl/tls settings, click renew. for let's encrypt on shared hosting, the control panel usually has a 'renew now' button. if your host's auto-renewal cron broke, contact host support — they fix it from their side. if you are on a custom server, run certbot renew (the command depends on your setup).

run the audit on YOUR site — check for "ssl certificate expired — site is down or showing tls error"

we open your homepage in a real headless browser and report what we see. no login, no plugin install.

public browser check · no signup · result on the next page

paid fix

or pay us once.

this is the cheapest and most time-critical fix on this list. every hour with an expired cert costs you traffic. if you cannot figure out which of the four causes you have, the $99 fix path: we get the certificate live within a couple of hours, set up auto-renewal that actually runs, set monitoring so you get warned at 14 days remaining instead of finding out from a visitor. done same day in most cases.

let us fix the visible issue — contact form repair $99 run a deeper audit

frequently asked

how do i prevent this from happening again?

monitoring. our $19/mo plan checks your tls cert daily and emails you at 30, 14, and 7 days before expiry. you can also set up uptimerobot for free and get the same warning.

will i lose seo if my cert is expired for a few days?

marginally. google's crawler will see the tls error and slow down crawling. fixing within a few days recovers fully; weeks of downtime causes real ranking damage.

what if my cert is for the wrong domain (cn mismatch)?

this is a different fix — the cert is issued but not for your real domain. usually a sub-domain configuration mistake. re-issue with the right subject alt names. covered by the $99 fix.

do i need a paid cert or is let's encrypt enough?

let's encrypt is enough for almost every website that is not a bank. it is free, trusted by every browser, and the only downside is 90-day renewal — which is a feature, not a bug, since it forces you to keep renewal working.

other fix guides

why is my wordpress site slow— what an external browser sees when your wordpress homepage takes too long to render — and the four things that are almost always behind it.
shopify checkout feels broken — how to find out why— a public browser check of your shopify storefront can surface the visible reasons people abandon. here is what we look for.
contact form looks fine but i'm not getting emails— this is the most common silent failure mode of small-business websites. four reasons it usually is — and how a public check can rule out the wrong ones.
wix site not showing on google — what a public check can tell you— your wix site exists, but it does not appear in google search results. four reasons that explain almost every case.

built by vøiddo — a small studio shipping ai-flavoured products, free dev tools, chrome extensions and weird browser games. legal · support@voiddo.com