Web Hosting

Fix "Not Secure" / Expired SSL & Let's Encrypt Renewal

Not Securecertificate has expiredNET::ERR_CERT_DATE_INVALIDrenewal failed
6 min read Updated 12 June 2026 ESAGAMES Team

A "Not Secure" warning or certificate error means the browser doesn't trust your SSL — usually it expired, is mismatched, or auto-renewal broke. Here's how to fix it.

Expired certificate

Let's Encrypt certs last 90 days and are meant to auto-renew. If yours expired, renewal stopped running. Force a renew and check the timer:

certbot renew --force-renewal
systemctl status certbot.timer   # is auto-renew active?

Why renewal fails

  • HTTP-01 challenge blocked — port 80 must be reachable; the .well-known/acme-challenge path must serve files.
  • DNS changed — the domain must still point to this server.
  • Rate limited — too many failed attempts; wait before retrying.
  • The cron/timer was removed — re-enable certbot.timer.

"Not Secure" but cert looks valid

Often mixed content — the page loads some resources over http://. Update those to https:// (or use a plugin/rule), and make sure the site redirects http to https. A cert for the wrong domain (www vs non-www) also triggers it.

On a panel? Use its SSL tool

DirectAdmin/cPanel have a Let's Encrypt button that handles issuing and auto-renewal. Use it rather than hand-running certbot if you're on a panel.

Expired = renewal stopped (fix the timer + the ACME challenge). "Not secure" with a valid cert = mixed content or a domain mismatch.

Free SSL, auto-renewed

Our web hosting includes Let's Encrypt SSL with automatic renewal through the panel — no expiry surprises.

See web hosting
FAQ

Frequently asked questions

Why does my site say "Not Secure"?

Either the SSL certificate expired or is for the wrong domain, or the page loads some resources over http (mixed content). Renew/reissue the certificate and force everything to load over https.

Why did my Let's Encrypt certificate not auto-renew?

The renewal couldn't complete — commonly port 80 / the ACME challenge path was blocked, DNS changed, the certbot timer was disabled, or you hit a rate limit. Fix the challenge and re-enable the timer.

How long do Let's Encrypt certificates last?

90 days. They're designed to renew automatically around day 60 via certbot's timer or your panel. If auto-renewal breaks, the cert eventually expires and the site shows as insecure.

Knowledge base

Related articles

Web Hosting

Fix "500 Internal Server Error" on Your Website

A 500 error on your site? The usual causes — .htaccess, file permissions, PHP — and how to fix them.

Read fix Web Hosting

How to Point a Domain to Your Server (DNS A Record)

How to point a domain at your server with an A record — and why it doesn't work instantly.

Read fix Web Hosting

Fix Email Going to Spam (SPF, DKIM & DMARC Explained)

Mail landing in spam? Set SPF, DKIM and DMARC correctly so your email reaches the inbox.

Read fix

Skip the troubleshooting

Managed, protected hosting in Frankfurt — we handle the Linux, the network and the DDoS so you don't have to.

Game hosting All articles
Payments Secure checkout with cards, banking apps and digital wallets.

Choose the payment flow that fits your stack and region without leaving the platform.

Pay by Zen Visa Mastercard Paysafecard PaysafeCash Skrill Trustly Bancontact UnionPay iDeal WebMoney