What to Do When a Client Domain Is About to Expire

When a client domain about to expire appears in your agency workflow, the first job is to verify the expiry date and identify who controls renewal. Do not assume the agency can renew it. Many client domains are owned in the client's registrar account, a founder's personal account, a previous vendor's account, or a reseller panel nobody has opened in years.

The right response is calm and structured: confirm the data, contact the owner, document responsibility, check related DNS and email risk, and prevent the same situation from happening again.

This guide gives agencies a practical workflow for handling domain expiry before it becomes a client-visible incident.

Client domain about to expire: first response

Start with verification. Public data can be incomplete, and registrar dashboards are the source of truth when you have access.

Use this first-response checklist:

| Step | Action | Owner | |---|---|---| | 1 | Confirm the domain and expiry date | Technical lead or operations | | 2 | Identify the registrar | Technical lead | | 3 | Identify who controls the registrar account | Account manager | | 4 | Check auto-renew status if access exists | Account manager or client | | 5 | Contact the client if they control renewal | Account manager | | 6 | Check DNS and email dependency | Technical lead | | 7 | Document the outcome | Account manager |

If the expiry window is short, do these in parallel. Do not wait for perfect information before warning the client.

Verify the expiry date

Domain expiry information may come from RDAP, registrar dashboards, renewal emails, or billing records. Public RDAP is useful, but it is not equally complete across every TLD.

Use public data as an early warning, then verify through the registrar when possible.

If public data says the domain is near expiry:

• Check the registrar account if your agency has access.
• Ask the client for a screenshot if they own the account.
• Confirm whether auto-renew is enabled.
• Confirm whether the payment method is valid.
• Confirm whether the domain is locked or in a transfer state.

If public data is unavailable, do not ignore the domain. Mark it as limited data and ask the client or registrar to confirm renewal status.

You can check a single domain with the free domain health check, or audit up to 10 client domains with the free agency audit.

Identify who controls renewal

This is usually the hardest part. Agencies often inherit domains without inheriting registrar access.

Common ownership patterns:

| Registrar owner | Risk | Best next step | |---|---|---| | Agency controls registrar | Low | Renew or confirm auto-renew | | Client controls registrar | Medium | Send client clear renewal instructions | | Previous vendor controls registrar | High | Escalate ownership transfer | | Unknown account | High | Ask client to search billing and renewal emails | | Reseller account | Medium | Confirm reseller renewal process |

The agency should not quietly take responsibility for a domain it does not control. Instead, document who owns the renewal action.

Contact the client with a clear message

The client email should be specific and action-oriented. Avoid saying "your domain might be broken" unless the domain is already expired.

A useful message includes:

• Domain name.
• Observed expiry date.
• Why it matters.
• What the client needs to confirm.
• Deadline for confirmation.
• What happens if renewal is not completed.

Example:

We found that example.com appears to be approaching domain renewal. Please confirm that auto-renew is enabled in your registrar account and that the payment method is current. If the domain expires, the website and email may stop resolving.

If the agency has registrar access, the message can be shorter:

We confirmed example.com is set to auto-renew. No client action is needed. We will continue monitoring it.

Check DNS and email risk

Domain expiry affects more than the website. If the domain stops resolving, email can fail, DNS records stop answering, and SSL renewal may also fail.

When a client domain is close to expiry, review:

• MX records for email delivery.
• NS records for DNS authority.
• A and AAAA records for website routing.
• TXT records for SPF, DMARC, and vendor verification.
• CAA records for certificate issuance.

This gives you a fuller risk picture. A client may care more about email interruption than the website itself.

For DNS monitoring details, read how to monitor DNS changes across client websites.

Decision tree: what should the agency do?

Use this simple decision tree:

| Situation | Agency action | |---|---| | Agency controls registrar and auto-renew is enabled | Confirm payment method and document | | Agency controls registrar and auto-renew is off | Renew now or enable auto-renew with approval | | Client controls registrar | Send renewal instructions and request confirmation | | Previous vendor controls registrar | Escalate ownership transfer immediately | | Registrar unknown | Ask client to search renewal invoices and domain emails | | Public data unavailable | Mark limited data and verify manually | | Domain already expired | Treat as urgent incident and recover through registrar |

The worst action is vague ownership. Every expiring domain should have one named person responsible for the next step.

If the agency does not control the registrar

Many agencies hesitate here because they do not want to alarm the client. But a domain expiry warning is exactly the kind of operational risk clients expect an agency to surface.

If the client controls the registrar:

1. Send the expiry warning.
2. Ask them to confirm auto-renew.
3. Ask them to confirm the payment method.
4. Ask for the registrar name.
5. Offer to document the domain in the agency's monitoring system.
6. Recommend granting the agency appropriate access if it fits the relationship.

Do not ask for passwords over email. Use proper account access, delegated permissions, or a secure process agreed with the client.

Document ownership after renewal

Once the immediate risk is handled, document the domain so the team does not repeat the same investigation next year.

Record:

• Registrar.
• Account owner.
• Renewal owner.
• Auto-renew status.
• Payment responsibility.
• Domain expiry date.
• DNS provider.
• Notes about access limitations.

This information belongs in your agency operations system. If it only lives in a Slack thread or inbox, it will be lost.

Prevent recurrence

Prevention means monitoring and reporting, not relying on memory.

At minimum:

• Check domain expiry regularly.
• Check SSL expiry regularly.
• Monitor DNS changes.
• Group domains by client.
• Include domain health in monthly reports.
• Keep ownership notes current.

For a broader process, read domain expiry monitoring for agencies and how to build a monthly client domain health report.

Add the domain to the monthly review cycle

Once a close-call domain is renewed, do not treat the incident as finished. Add it to the monthly review cycle with a note about who controls renewal and what happened. This is especially useful when the client owns the registrar account.

The next report should not shame the client. It should document that the domain was checked, renewal ownership was confirmed, and the agency will keep monitoring public signals. That turns a stressful renewal warning into a better operating process for the next cycle.

What not to promise

Be careful with client communication. A domain expiry warning is not a legal compliance guarantee, uptime guarantee, or renewal guarantee.

Do not promise:

• "We guarantee the domain cannot expire."
• "CertPilot renews domains automatically."
• "This replaces registrar ownership records."
• "This proves legal ownership."

The right promise is simpler: your agency monitors public signals, flags risks early, and documents recommended actions.

How CertPilot helps

CertPilot monitors SSL, DNS, domain expiry, and renewal risk across client websites. It helps agencies see which domains need attention and produces reports that make the work visible to clients.

If you are responding to one urgent domain, use the single-domain health check. If you want to review a client portfolio, start with the free 10-domain audit.

Related resources

• Domain expiry monitoring for agencies
• Domain and hosting renewal checklist for agencies
• DNS drift agency guide
• How CertPilot checks domains

Frequently Asked Questions

What should an agency do when a client domain is about to expire?

Confirm the expiry date, identify the registrar, and find out who controls renewal. If the client owns the registrar account, contact them early with a clear action request.

At the same time, check DNS, email, and SSL impact. A client domain about to expire can affect the website, email delivery, SSL renewal, and any services tied to that domain.

What if the agency does not control the registrar account?

Do not imply that the agency can renew a domain it does not control. Document the ownership gap, tell the client what needs to be checked, and ask them to confirm auto-renewal and payment status.

If the relationship allows it, recommend delegated access or a defined registrar ownership process for future website care plans.

Can domain expiry break email as well as the website?

Yes. If the domain stops resolving, MX records may stop answering and email can fail along with the website.

That is why domain expiry monitoring for agencies should include both website and email risk, especially for client domains used for business-critical communication.

Should domain renewal be part of a care plan?

It should at least be documented in the care plan. The plan should state who owns registrar access, who pays for renewal, who receives notices, and how warnings are handled.

The agency can monitor and report domain health even when the client keeps registrar ownership.