How to fix ssl expiry on WooCommerce

Steps for WooCommerce

1. WooCommerce itself does not manage SSL — your certificate is controlled at the hosting or server level.
2. Log into your hosting control panel (cPanel, Plesk, Kinsta, WP Engine, SiteGround, etc.) and navigate to SSL/TLS or Security → SSL.
3. If your host uses Let's Encrypt (most do), find the 'Auto-Renew' or 'Auto SSL' toggle and confirm it is enabled.
4. For paid certificates managed outside your host, note the expiry date shown in the SSL dashboard and set a renewal reminder 60 days out.
5. After renewal, visit WooCommerce → Settings → General and confirm both 'WordPress Address' and 'Site Address' begin with https://.
6. Install a plugin such as 'Really Simple SSL' to catch any mixed-content warnings after a certificate change.

What is ssl expiry?

An SSL/TLS certificate is the digital credential that puts the padlock icon in your browser's address bar and enables the "https://" in your store's URL. Every certificate has a fixed expiry date — after which browsers immediately block visitors with a scary "Your connection is not private" warning. Most certificates are issued for 90 days (free Let's Encrypt certs) or 1–2 years (paid certificates from providers like SSL Corporation, DigiCert, Sectigo, etc.). Knowing your expiry date and having automatic renewal in place is routine maintenance — like renewing a business licence — that keeps your store open and trusted.

If your certificate expires, every browser will show a full-page red warning to anyone trying to visit your store, effectively shutting you down until it is renewed — that means zero sales for the duration. Google also uses HTTPS as a ranking signal, so a lapsed certificate can hurt your search visibility. Beyond lost revenue, an expired cert erodes customer trust in a way that is hard to recover from: shoppers who see that warning rarely return. Depending on your jurisdiction and the type of data you collect, operating without a valid certificate may also expose you to PCI-DSS violations and data-protection regulatory risk.

See the complete Ssl expiry guide for every platform and the full background.