You can use any email to validate your domain (DCV)

(14. 1. 2021) The new function expands the possibilities of domain validation by email (DCV). You can now define your own email address in the TXT record of the domain and use it to validate the domain!

Thanks to GDPR and anonymization of the domain owner's data (and its contacts) in the WHOIS, it is no longer practically possible to find the domain owner's email and it is not possible to authorize the issuance of a certificate in this way. Virtually no email other than the one offered can be used. By default, the validation email is sent to the admin, administrator, hostmaster, postmaster, and webmaster mailboxes on the authenticated domain (whether they exist or not). Such a mailbox may not always be available, just as a domain may not have mail at all.

However, now there is a solution. Newly, you have the option to add your own email address to the TXT records of the verified domain and use that address for validation. The new feature extends domain validation by email (DCV) with any email you define in your domain's DNS.

For the validated domain, create the subdomain _validation-contactemail in the TXT records and use the email address you want to use for validation as its destination. The record in the DNS zone looks like this:

_validation-contactemail.domain.com IN TXT joe@gmail.com

After extending the DNS record, DigiCert loads the email address and sends there the DCV approver for the verified domain (as well as to the 5 standard addresses).

If you set your mail to the domain in advance, you will receive a verification email at the new address after requesting the certificate. If you set up a TXT record later, you can send an email to a new address using the Forward the email to verify function, which can be found in the order detail.

Help

SSLmarket App

You can use any email to validate your domain (DCV)