The best part is, the cert you use to log in to your account itself expires after a year. So if you don't renew it in time you lose the ability to log in and issue a new certificate for your site, right at around the time your site's certificate expires.

They specifically tell you that you need to back up your login-cert or you will lose access.

One year passed, and I checked my backups. Yup, there it was.

If you take security seriously, you should actually read what's on the page instead of clicking "next, next, next" like some driveby malware-installing Windows-installer. And then this shouldn't be an issue.

I guess this is StartSSL's way of not having to deal with people who don't take security as seriously as they do.

We'll send you a cert in an hour after manually verifying for no reason! – StartSSL, four months ago.