- Print
- PDF
Email validation
- Print
- PDF
The latest service changes have not yet been reflected in this content. We will update the content as soon as possible. Please refer to the Korean version for information on the latest updates.
Available in Classic and VPC
Before issuing a certificate, ownership for all domains you apply for must be validated. You can choose one of two ways to validate domain ownership: email validation or DNS validation.
For more information about the DNS validation method, see DNS validation.
Email validation prerequisites
Email validation involves entering a validation value in the Certificate Manager console, which is sent to the common system administration address (a reserved email address).
Please note from May 9, 2024, we will discontinue support for WHOIS public address email validation for the following reasons:
- Background
To comply with different privacy laws and recommended practices, including GDPR, the number of domains that do not make their WHOIS addresses public continues to increase. Over the past 5 months, of all email validations successful email validations with WHOIS public addresses is about 7% and 0.5% of all certificates issued. Due to these changes, we're discontinuing email validation with WHOIS public addresses. - Changes
From May 9, 2024, we will discontinue to support email validation through WHOIS searched public addresses. We will continue to support sending email validation to the 5 common addresses (administrator, hostmaster, postmaster, webmaster, and admin) by searching their MX records. This change does not affect any certificates that have been already issued.
- If you don’t have a public address or it can’t be retrieved, email sending may fail or validation may not be possible. Check this out first.
- Email IDs of a common system administration address are these 5 emails; admin, administrator, hostmaster, postmaster, and webmaster. The email domain will view MX records from the top-level domain of the applied domain to the APEX domain, and send them to the viewed domain. If an MX record is not viewed, the applied domain is set before sending. Subdomains are set except for
www
and*
. Check the availability of MX records and common system administration address emails in advance.
Type | Email addresses for sending | Examples |
---|---|---|
Common system administration address | Email ID: admin / administrator / hostmaster / postmaster / webmaster (5 in total) Email domain: MX record viewed domain or applied domain except www and * | If the applied domain is foo.bar.baz.example.com and an MX record is viewed in baz.example.com, then admin@ baz.example.com administrator@ baz.example.com hostmaster@ baz.example.com postmaster@ baz.example.com webmaster@ baz.example.com |
Email validation method
If you select Email validation as the validation method when applying for a certificate, an email requesting approval for certificate issuance is sent to the public address and common system administration address after the application is completed. The email body contains the following content:
- Certificate name: a name entered when applying for a certificate
- Domain: a domain name entered when applying for a certificate
- Validation value: a random value that proves ownership of the domain(s) listed in domain
- Check the email body for the certificate name and domain you requested.
- Log in to the Certificate Manager console using the account that requested the certificate and enter the validation value.
(In the Certificate list > Certificate details of the requested certificate > Validation status path, click applicable domain, and then click [Enter validation value].) - Domains for which the validation value has been successfully entered will have their validation status changed from In progress to Succeeded.
If there are multiple domains included in the certificate and the domains have the same email address in the public orcommon system administration address looked up in the WHOIS, a validation value will be sent to the email address, which can be used to validate those domains. In this case, when you enter the validation value in the Certificate Manager console, if you successfully enter the validation value for at least 1 domain, regardless of the order of the domains in Domain in the email body, the multiple domains will be verified in batch.
The certificate is issued after all domains included in the certificate have successfully validated. Go to Certificate list > Certificate details to see the validation status for your domains.
Resend email
When the certificate status is In progress, click [Resend email] in Certificate list > Certificate details to resend the validation email.
- You can resend the email validation up to 10 times within 72 hours of applying for the certificate.
- You may want to consider resending the email in the following situations:
- When you set up or changed your public address or MX records after you applied for a certificate
- When you need to resend it to the same address due to spam blocking or delivery failure