How can I select a different SSL certificate domain validation email?
Table of Contents
To issue an SSL certificate, the Certificate Authority has to validate that the issue request is legitimate and comes from an authorized owner of the domain. This process is called domain validation.
Email-based domain validation is the most common certificate validation mechanism for domain-validated certificate orders.
This article explains how to use a different email for validating your SSL certificate order if your email is not visible in the list generated by the Certificate Authority.
Note
If you aren’t familiar with the email validation process, read the email validation article before proceeding to the next section.
Which email can I use?
The approval email cannot be an arbitrary email like a customer-provided email or the email in your DNSimple account.
Note
Remember: the validation process ensures the certificate is requested by someone with admin rights on the domain. The email must publicly and unequivocally identify the customer as the owner or administrator of the domain listed in the certificate.
The approval email can typically be sent to the following addresses:
- A generic administrative email, like
admin@example.comorwebmaster@example.com(see email requirements for domain validation for the full list). - The email address listed in the public WHOIS record for the domain.
Warning
There are no other alternatives. You can’t use your account email or any other email unless it’s visible in the public WHOIS record for the domain.
Select a different validation email address
Note
Before proceeding, read the email requirements for domain validation to understand the goal of the certificate validation and how it works. It’s important to remember that, as described above in this article, the list of authoritative emails is generated by the Certificate Authority based on the email addresses publicly associated with the domain attached to the certificate.
If you want to submit your certificate to the Certificate Authority for approval, but none of the provided email addresses are working, you must temporarily configure one of the email addresses in the list (either as a full mailbox or as an alias/forward to an existing mailbox). If the domain doesn’t have any email service associated, and you manage the DNS with us, you can use our email forwarding service to quickly create an email for admin@example.com and forward it to a personal or private email.
Email validation and GDPR
Due to GDPR regulations, some registrars hide email addresses from the public WHOIS record.
If your domain’s WHOIS record doesn’t show any email addresses, the Certificate Authority may not be able to generate a list of validation emails. In this case, you’ll need to temporarily make an email address visible in the WHOIS record to proceed with the certificate validation.