skip to primary navigationskip to content

Renewal process

How to renew your TLS certificates

We strongly advise you to replace your certificate with a Let's Encrypt certificate before the current one expires. You can do this at any time, and there's no need to wait until your certificate is about to expire. Let's Encrypt certificates are free, and you can renew them automatically using certbot, so your site will remain secure.

If you continue using our certificates, we advise you to plan to ensure that you renew your certificates in good time. If the certificate expires, visitors to your site will receive confusing security warnings and may be unable to connect at all.

At present, you must replace certificates when they expire. It is not possible to renew UIS-issued certificates. If your existing certificate is due to expire within the next few days or weeks, please apply for a new certificate. The new certificate's expiry date will be based on its date of issue (not the old certificate's expiry date).

See Application process and charges for instructions on how to apply.

A 'Certificate Signing Request' (CSR) will be required, which can be based on the server's existing keys, although best practice is to generate a new key pair.


Last updated: 17 February 2021