Skip to content

Re-try / Re-issue SSL on a Mapped Domain

When you map a custom domain to your InstaWP site, InstaWP automatically issues a free SSL certificate (via Let's Encrypt) for it, so your site loads securely over https://. Occasionally the first certificate request can fail — most often because the domain's DNS hadn't fully pointed to InstaWP yet when SSL was attempted. In that case your custom domain may show a "Not secure" warning or an SSL error in the browser.

InstaWP provides a Retry SSL button so you can re-trigger certificate issuance yourself, without having to unmap and re-map the domain.

When to re-issue SSL

Use Retry SSL if, after mapping your custom domain, you see any of the following:

  • Your domain shows "Not secure", a certificate warning, or an SSL_ERROR / NET::ERR_CERT message in the browser.
  • The site loads over http:// but not over https://.
  • You mapped the domain before its CNAME / DNS record had finished pointing to InstaWP, and SSL failed on the first attempt.

Before you retry, make sure DNS is correct. SSL can only be issued once your domain actually resolves to your InstaWP site. Confirm the domain's CNAME (or ANAME/ALIAS) record points to your InstaWP hostname and has propagated. See How to Map a custom domain to InstaWP Site for the DNS setup. If DNS isn't pointing correctly yet, retrying SSL will keep failing until it is.

How to re-try SSL

Step 1: Log in to your InstaWP dashboard, go to the Sites page, and open the site whose mapped domain you want to secure.

Step 2: In the site's left menu, expand Connectivity and click Map Domain.

Step 3: On the Map Domain page you'll see the domains connected to your site. Find your Primary custom domain and click the Retry SSL button next to it.

The Retry SSL button next to a primary mapped domain on the Map Domain page

Step 4: InstaWP will re-attempt to issue the SSL certificate for that domain. The button becomes temporarily disabled while the request is in progress.

That's it — once the certificate is issued, your custom domain will load securely over https://.

Notes & troubleshooting

  • Give it a few minutes. Certificate issuance and DNS propagation aren't instant. After clicking Retry SSL, wait a few minutes, then reload your domain over https:// in a fresh/incognito tab.
  • SSL is only re-issued for the Primary domain. InstaWP-generated domains (e.g. your-site.instawp.site) are secured automatically and don't need this step. The Retry SSL action applies to your mapped custom domain.
  • Still failing after DNS is correct? Double-check there's no conflicting CAA record on your domain that blocks Let's Encrypt, and that any proxy (for example Cloudflare's orange-cloud) isn't interfering with certificate validation. If it still won't issue after DNS has fully propagated, contact InstaWP support with your site and domain name.

Docs are open — edit on GitHub. Built with VitePress.