Industry leaders will begin phasing out WHOIS-based DCV methods. As a result, the WHOIS protocol or HTTPS server query data will no longer be used to 1) identify domain contacts or 2) verify an entity’s control over a domain.
If You Don’t Use WHOIS Data for Domain Control Validation
If a method other than WHOIS web-based lookups was used to validate your domain — for example, DNS TXT records, file validation, or constructed email (e.g., administrator@domain.com) verification — then this has no impact on you or your certificates. You’re right as rain and you don’t have to worry about any of these changes.
If You Did Use WHOIS Data for Your Domain Control Validation Process
If you used a WHOIS-listed email address to validate your domain when getting a website security certificate, you’ll need to change validation methods when requesting a new SSL/TLS certificate. This is true even for customers who are within the allowed prior authorization reuse period.
The easiest method for most customers will be to use one of the “constructed” or pre-approved validation email addresses:
admin@yourdomain.com
administrator@yourdomain.com
webmaster@yourdomain.com
hostmaster@yourdomain.com
postmaster@yourdomain.com
Alternative methods of domain control validation include file and DNS-based validation methods:
DNS TXT records
DNS CNAME (canonical name) records that link an alias to one or more other domains
HTTP file authentication
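To find which existing orders are affected, the following added example (not code from this page or from any CA) audits a constructed CSV export of past validations. The column names and method labels are hypothetical, and treating any approver address outside the five constructed ones as possibly WHOIS-sourced is an assumption of the example.

```python
import csv
import io

# The five constructed local parts listed on this page.
CONSTRUCTED = {"admin", "administrator", "webmaster", "hostmaster", "postmaster"}
# Hypothetical method labels for this example; use your CA's export values.
NON_EMAIL_METHODS = {"dns-txt", "dns-cname", "http-file"}

# Constructed sample export (not real orders).
SAMPLE = """domain,dcv_method,approver_email
shop.example.com,email,Admin@Example.com
*.example.org,email,hostmaster@example.org
example.net,email,jane.doe@registrant-mail.example
api.example.net,dns-txt,
example.edu,email,webmaster@other.example
example.io,email,postmaster@io
"""

def is_constructed(cert_name, email):
    """True if email is <constructed local part>@<cert domain or a parent of it>."""
    local, sep, mail_domain = email.strip().lower().rpartition("@")
    if not sep or local not in CONSTRUCTED:
        return False
    name = cert_name.strip().lower().rstrip(".")
    if name.startswith("*."):
        name = name[2:]  # a wildcard is validated against its base domain
    # Simplification: require two or more labels; no Public Suffix List check.
    if "." not in mail_domain:
        return False
    return name == mail_domain or name.endswith("." + mail_domain)

def needs_new_method(rows):
    """Domains whose record is neither a non-email method nor a constructed address."""
    flagged = []
    for row in rows:
        method = row["dcv_method"].strip().lower()
        if method in NON_EMAIL_METHODS:
            continue
        if method == "email" and is_constructed(row["domain"], row["approver_email"]):
            continue
        flagged.append(row["domain"])
    return flagged

def audit(text=SAMPLE):
    return needs_new_method(csv.DictReader(io.StringIO(text)))

if __name__ == "__main__":
    for domain in audit():
        print("change DCV method:", domain)
```
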
Sunday, January 12, 2025