diff --git a/src/Site_Command.php b/src/Site_Command.php
index e66f83e3..045cc623 100644
--- a/src/Site_Command.php
+++ b/src/Site_Command.php
@@ -109,6 +109,22 @@ public function __invoke( $args, $assoc_args ) {
 				$args     = [ 'site', 'ssl-renew', $site->site_url ];
 				$callback = $site_types[ $type ];
 
+				if ( 'le' !== $site->site_ssl || ! $site->site_enabled || 'inherit' === $site->site_ssl ) {
+					continue;
+				}
+
+				$api_key_absent        = empty( EE\Utils\get_config_value( 'cloudflare-api-key' ) );
+				$skip_wildcard_warning = false;
+
+				if ( $site->site_ssl_wildcard && $api_key_absent ) {
+					EE::warning( "Wildcard site found: $site->site_url, skipping it as api keys not found. Please renew this site manually using command `ee site ssl-renew $site->site_url`" );
+					if ( ! $skip_wildcard_warning ) {
+						EE::warning( "As this is a wildcard certificate, it cannot be automatically renewed.\nPlease run `ee site ssl-renew $site->site_url` to renew the certificate, or add cloudflare api key in EasyEngine config. Ref: https://rt.cx/eecf" );
+						$skip_wildcard_warning = true;
+					}
+					continue;
+				}
+
 				$command      = EE::get_root_command();
 				$leaf_command = CommandFactory::create( 'site', $callback, $command );
 				$command->add_subcommand( 'site', $leaf_command );
diff --git a/src/helper/class-ee-site.php b/src/helper/class-ee-site.php
index 6ac21a07..41074a87 100644
--- a/src/helper/class-ee-site.php
+++ b/src/helper/class-ee-site.php
@@ -1174,7 +1174,7 @@ private function renew_ssl_cert( $args, $force ) {
 			$this->enable( $args, [ 'force' => true ] );
 		}
 
-		if ( ! $client->isRenewalNecessary( $this->site_data['site_url'] ) ) {
+		if ( ! $force && ! $client->isRenewalNecessary( $this->site_data['site_url'] ) ) {
 			return 0;
 		}