Domain Control Validation Challenges after GDPR

The European Union's General Data Protection Regulation (GDPR), in effect as of May 25, 2018, introduces policies that may prevent Certificate Authorities from getting the proper domain contact email from your domain registrars. Your domain WHOIS contact is a primary method to prove domain ownership for certificate requests and domain approvals.

Our first suggestion is to contact your Domain Registrar to see if they have a policy which will allow you to approve them propagating the WHOIS details so that you can receive approval emails. The Internet Corporation for Assigned Names and Numbers (ICANN) sent all Domain Registrars their recommended processes to allow them to propagate WHOIS data and still be compliant with GDPR. Some Registrars are following the guidelines, others are not.

If your Registrar will not be able to propagate your WHOIS information and you cannot receive an email at the approved alias email accounts at the domain itself including admin, administrator, hostmaster, postmaster, and webmaster, then hopefully you have access to the domain's DNS record and can have the domain approved by placing a random value in a note on the DNS record. Digicert allows domain approval via a DNS TXT entry and Comodo allows domain approval via a DNS CNAME entry. If you choose this method we will have the Certificate Authority generate the Random Value for you to paste into the DNS record and once pasted we will have the Certificate Authority Scan for the value and that will allow them to approve the domain. If you choose this method please contact us to request the code to use.