Guides
Plain-language explainers on DNS, SSL/TLS certificates, and domain health — written for people who run sites, not certificate authorities.
Why your DNS change hasn't taken effect yet
Changed an A record or nameservers and nothing happened — or it works for you but not others? Why 'propagation' misleads, what TTL really controls, and how to check.
Read guide →Did your domain auto-renew fail?
Domain registration expiry isn't SSL expiry. Why auto-renew quietly fails, what really happens when a domain lapses, and how to read your authoritative expiry date.
Read guide →Looks fine in your browser but a check says broken
You see the padlock; a monitor or curl says broken. The usual cause is an incomplete chain your browser quietly works around — why it splits clients, and how to confirm.
Read guide →What your SSL check result actually means
Expired, untrusted, self-signed, wrong host, valid-but-'not secure' — what each SSL check result means, why it happens, and exactly what to do next.
Read guide →Why SSL certificates are getting shorter
Certificate lifetimes drop from 398 to 47 days by 2029. The plain-language why — and why automated renewal makes silent failures more likely.
Read guide →More on the way
- What ACME and Let's Encrypt automate — and what they don't