{"id":3201,"date":"2025-01-09T07:11:34","date_gmt":"2025-01-09T07:11:34","guid":{"rendered":"https:\/\/certera.com\/blog\/?p=3201"},"modified":"2025-01-09T07:14:54","modified_gmt":"2025-01-09T07:14:54","slug":"end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition","status":"publish","type":"post","link":"https:\/\/certera.com\/blog\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\/","title":{"rendered":"The End of WHOIS-Based DCV Methods: What You Need to Know and How to Transition"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Because of critical weaknesses in the WHOIS system, the CA\/Browser Forum has required that WHOIS-based Domain Control Validation (DCV) methods be retired.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This change applies to all CAs, and there was a broader effort to improve the security and reliability of <a href=\"https:\/\/certera.com\/\">publicly trusted SSL\/TLS certificates<\/a>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">To be compliant, all big CAs, including Sectigo and DigiCert, will not utilize WHOIS email addresses or contact data to verify a domain. It impacts organizations that employ WHOIS-based techniques and require immediate lea to transition to other standard DCV practices within the industry.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-key-dates-and-timeline\">Key Dates and Timeline<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">The background to do away with WHOIS-based Domain Control Validation methods was anchored on severe security deficits and risks. Therefore, the changes outlined below must be applied to all CAs, namely, DigiCert and Sectigo, at the industry level. <strong>Here is the detailed timeline of the changes and their implications:<\/strong><\/p>\n\n\n\n<h3 class=\"wp-block-heading quote-section\" id=\"h-phase-1-january-8-2025-linx048-end-of-web-based-https-whois-lookups-reuse-possibilities-for-whois-validations\">Phase 1 &#8211; January 8, 2025: LINX048 End of web-based https whois lookups: Reuse Possibilities for WHOIS Validations<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-that-marks-the-end-of-the-https-web-based-whois-lookups\">That marks the end of the HTTPS web-based WHOIS lookups<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">Starting January 8, 2025, CAs cannot do HTTPS web-based WHOIS lookups to obtain domain contact information for DCV.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Background:<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Previously, where WHOIS protocol queries fail, for instance, due to rate limits or the lack of data, validation agents have relied on, for many a year now, manual HTTPS-based WHOIS lookups to ascertain the contact data of the particular domain. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">These lookups enable the validations to continue even when other, more automated methods break down. However, this world will no longer be allowed as a workaround.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Impact:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Since the DCV methods were founded on WHOIS, which used such lookups, they will become unusable.<\/li>\n\n\n\n<li>This means that domain owners migrate to other forms of validation, such as DNS TXT, HTTP file-based, or constructed email DCV methods.<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-end-of-reusing-whois-based-domain-validations\">End of Reusing WHOIS-Based Domain Validations<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">CAs will cease to accept the reuse of domain validations acquired from HTTPS WHOIS lookups regardless of the fact they have not expired and still have 397 days of validity.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Impact:<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">All certificates issued or renewed through WHOIS-based validations shall be validated non-WHOIS based methods.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">It is high time to move to other forms of DCV, indicated by the change in these regions.<\/p>\n\n\n\n<h3 class=\"wp-block-heading quote-section\" id=\"h-phase-2-may-8-2025-discontinuation-of-whois-based-email-and-phone-domain-control-validation\">Phase 2 &#8211; May 8, 2025: Discontinuation of WHOIS-Based Email and Phone Domain Control Validation<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">CAs will also cease to allow the use of telnumbd@ and.ORG contact-verification methods for both email and phone.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Impact:<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">WHOIS-based methods of validation of requests will not be accepted.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Customers depending on email or phone validation via WHOIS will need to migrate to one of the supported methods, including:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Constructed Email DCV: <\/strong>Employing admin@, administrator@, hostmaster@, postmaster@ or webmaster@.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>DNS TXT Record Validation<\/strong>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>HTTP File-Based Validation<\/strong>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading quote-section\" id=\"h-phase-3-july-8-2025-the-final-conclusion-of-whois-based-dcv-for-certificate-reissuance-trials-is-made\">Phase 3 &#8211; July 8, 2025: The Final Conclusion of WHOIS-Based DCV for Certificate Reissuance Trials is made.<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">These specific WHOIS-based validations will no longer be allowed to be reused even in the instance where a certificate will be renewed or reissued.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Impact:<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Domains validated by the WHOIS server must be validated by other DCV methods to request a renewal of certificates. The change would apply to all <a href=\"https:\/\/certera.com\/\">TLS\/SSL Certificates<\/a>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-sectigo-s-and-digicert-s-currently-supported-dcv-methods\">Sectigo\u2019s and DigiCert\u2019s Currently Supported DCV Methods:<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">As WHOIS-based DCV methods gradually disappear, Sectigo and DigiCert have defined other supported methods to secure domain validation. Below is a breakdown of their currently supported DCV methods:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-the-dns-txt-record-validation-is-recommended-method\">The DNS TXT Record Validation is (Recommended Method):<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Overview<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In this method, the user is required to add a DNS TXT record with a token you will be provided with by the Certificate Authority (CA). It is believed to be very safe and efficient.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Steps to Perform DNS TXT Record Validation:<\/strong><\/p>\n\n\n\n<ol start=\"1\" class=\"wp-block-list\">\n<li>The next step is to log into the DNS management system that goes with your website.<\/li>\n\n\n\n<li>Add a TXT record with the values given by Sectigo or DigiCert.<\/li>\n\n\n\n<li>Wait for DNS propagation (can take up to 24 hours).<\/li>\n\n\n\n<li>Notify the CA or wait for automated verification.<\/li>\n<\/ol>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Advantages:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Most secure method.<\/li>\n\n\n\n<li>Does not need access to email or hosting environments.<\/li>\n\n\n\n<li>Ideal for automated workflows and large-scale deployments.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-http-file-based-validation\">HTTP File-Based Validation<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Overview<\/strong>:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This is achieved by copying a file provided by the CA to a directory on your web server that you are supposed to. The CA ensures that it checks on the ownership of the domain by using a specific URL to download the file.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Steps to Perform HTTP File-Based Validation:<\/strong><\/p>\n\n\n\n<ol start=\"1\" class=\"wp-block-list\">\n<li>It is possible to download the validation file from the CA\u2019s portal.<\/li>\n\n\n\n<li>Store this file in the directory indicated at the URL http:\/\/www.yourwebsite.com\/.well-known\/pki-validation\/<\/li>\n<\/ol>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Example:<\/strong> http:\/\/yourdomain.com\/.well-known\/pki-validation\/fileauth.txt.<\/p>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li>Verify that the file is easily downloadable from the Internet.<\/li>\n\n\n\n<li>Either inform the CA or wait for an automated notice.<\/li>\n<\/ol>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Advantages:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Installation that does not require much from the average user who has control of the domain web server.<\/li>\n\n\n\n<li><a href=\"https:\/\/certera.com\/ssl-types\/single-domain-ssl-certificates\">Single-domain certificates<\/a> work well but are not so effective when dealing with <a href=\"https:\/\/certera.com\/ssl-types\/multi-domain-ssl-certificates\">multiple domains<\/a> simultaneously.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-build-email-dcv-email-addresses-to-support\">Build Email DCV (Email Addresses to Support)<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Overview<\/strong>:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Email Validation:<\/strong> This is achieved by sending a confirmation message to the email you create with a fake address at your domain. The message recipient approves validation from the email by clicking a link provided on the email body.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Supported Email Addresses:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>admin@yourdomain.com<\/li>\n\n\n\n<li>administrator@yourdomain.com<\/li>\n\n\n\n<li>hostmaster@yourdomain.com<\/li>\n\n\n\n<li>postmaster@yourdomain.com<\/li>\n\n\n\n<li>webmaster@yourdomain.com<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Steps to Perform Email Validation:<\/strong><\/p>\n\n\n\n<ol start=\"1\" class=\"wp-block-list\">\n<li>Ensure at least one of the mail-to links above is active and working.<\/li>\n\n\n\n<li>Email DCV Request from the CA.<\/li>\n\n\n\n<li>The next step is to receive a verification email and click on a verification link from this email.<\/li>\n<\/ol>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Advantages:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Easy to use for small commercial entities or individual web domains.<\/li>\n\n\n\n<li>It doesn\u2019t need Domain Name System (DNS) or hosting access in any way.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Also Read:<\/strong> <a href=\"https:\/\/certera.com\/blog\/digicert-elevates-industry-standards-with-new-open-source-dcv-library\/\">DigiCert Elevates Industry Standards with New Open-Source DCV Library<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-comparison-of-sectigo-and-digicert-s-supported-domain-control-validation-methods\">Comparison of Sectigo and DigiCert\u2019s Supported Domain Control Validation Methods<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td><strong>Validation Method<\/strong><\/td><td><strong>Sectigo<\/strong><\/td><td><strong>DigiCert<\/strong><\/td><td><strong>Recommendation<\/strong><\/td><\/tr><tr><td><strong>DNS TXT Record<\/strong><\/td><td>\u2705<\/td><td>\u2705<\/td><td>Best for automation, scalability, and security.<\/td><\/tr><tr><td><strong>HTTP File-Based<\/strong><\/td><td>\u2705<\/td><td>\u2705<\/td><td>Simple for users with server access, suitable for small-scale operations.<\/td><\/tr><tr><td><strong>Constructed Email DCV<\/strong><\/td><td>\u2705<\/td><td>\u2705<\/td><td>Convenient for individuals or small organizations with admin email access.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-impact-on-organizations\">Impact on Organizations:<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">If you currently rely on WHOIS-based email or phone validation methods:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-domain-validations-at-risk\">Domain Validations at Risk:<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Certificates validated through WHOIS methods must be revalidated with other methods on or before this date.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-delayed-certificate-issuance\">Delayed Certificate Issuance:<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Organizations relying on instant issuance also risk delaying their mail without proactive revalidation.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-compliance-requirements\">Compliance Requirements:<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">This is important to achieve compliance and avoid shutting down the services at some point, which would occur if going back to using unsupported mechanisms for copying between data centers.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-should-you-do-next\"><a><\/a>What Should You Do Next?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Follow these steps to ensure a smooth transition:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-1-audit-your-certificates\">1. Audit Your Certificates<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Determine cases of certificates authenticated by WHOIS-based techniques.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">It is helpful to mark validations with expiry dates and assess whether existing validations match the reuse period.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-2-select-an-alternative-supported-dcv-method\">2. Select an Alternative Supported DCV Method<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Choose DNS TXT record validation because it is simpler and provides higher security.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">You can also create the bogus, in other words, by using other bogus email addresses or using HTTP validation.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-3-revalidate-your-domains\">3. Revalidate Your Domains<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">All domain validation must be done with one of the above forms before the deadline.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-4-update-automation-processes\">4. Update Automation Processes<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Significant concerns exist about updating the automated workflows to support the new DCV methods.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-5-watch-updates\">5. Watch Updates<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Ensure that you receive updates from your CA regarding changes in validation.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-conclusion\"><a><\/a>Conclusion<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">The deprecation of WHOIS-based DCV methods represents a significant evolution in the SSL\/TLS validation practice, furthering security and trust. Organizations should act quickly to migrate to supported DCV methods such as DNS TXT records, constructed email addresses, and HTTP demonstrations. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Plan ahead, revalidate your domains, and ensure seamless certificate issuance; rest assured that you have met the most current industry standards. Don&#8217;t hesitate to <a href=\"https:\/\/certera.com\/support\">contact our support team<\/a> if you continue to require support with the DCV methods or have any queries regarding this update.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-frequently-asked-questions-faqs\"><a><\/a>Frequently Asked Questions (FAQs)<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-1-nbsp-why-are-whois-based-validation-methods-being-removed-from-use\">1.&nbsp;Why are WHOIS-based validation methods being removed from use?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">WHOIS-based DCV methods do not provide security due to the <a href=\"https:\/\/labs.watchtowr.com\/we-spent-20-to-achieve-rce-and-accidentally-became-the-admins-of-mobi\">existence of vulnerabilities<\/a> like spoofing, incomplete contact data, and query rate limit. These risks have incited the demand from the CA\/Browser Forum for a more robust mode of alternatives.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-2-nbsp-can-i-still-use-email-for-domain-validation\">2.&nbsp;Can I still use email for domain Validation?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Yeah, but through a specifically created email, either admin@yourdomain.com or one would have to be set in the DNS TXT record.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-3-nbsp-what-happens-if-i-fail-to-revalidate-my-domain\">3.&nbsp;What happens if I fail to revalidate my domain?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Certificates based on WHOIS-based validations will no longer be issued nor will they be able to be reused. If they are not revalidated before deadlines, there could be service disruptions.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-4-nbsp-which-dcv-method-is-the-most-secure\">4.&nbsp;Which DCV method is the most secure?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">DNS TXT record validation is secure, easy to set up, and least likely to be deprecated.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-5-nbsp-how-do-i-prepare-for-these-transformations\">5.&nbsp;How do I prepare for these transformations?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Auditing certificates, transitioning to a supported DCV method, and pre-validating domains in advance will help keep compliance and prevent certificate issuance from being disrupted.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Because of critical weaknesses in the WHOIS system, the CA\/Browser Forum has required that WHOIS-based Domain Control Validation (DCV) methods be retired. This change applies to all CAs, and there was a broader effort to improve the security and reliability of publicly trusted SSL\/TLS certificates. To be compliant, all big CAs, including Sectigo and DigiCert,<span class=\"morelink d-block mt-3\"><a href=\"https:\/\/certera.com\/blog\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\/\">Read More<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":3203,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5,19],"tags":[619],"class_list":["post-3201","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ssl-certificate","category-website-security","tag-whois-email-dcv-deprecation","entry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>End of WHOIS-Based Domain Validation Method: Transition to Alternative DCV<\/title>\n<meta name=\"description\" content=\"All Public Trusted CA no longer allow certificates to be issued based on a WHOIS email address validation. Domains must be re-validated.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/certera.com\/blog\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"End of WHOIS-Based Domain Validation Method: Transition to Alternative DCV\" \/>\n<meta property=\"og:description\" content=\"All Public Trusted CA no longer allow certificates to be issued based on a WHOIS email address validation. Domains must be re-validated.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/certera.com\/blog\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\/\" \/>\n<meta property=\"og:site_name\" content=\"EncryptedFence by Certera - Web &amp; Cyber Security Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/certeraLLC\/\" \/>\n<meta property=\"article:published_time\" content=\"2025-01-09T07:11:34+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-01-09T07:14:54+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/01\/end-of-who-based-email-validation.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"960\" \/>\n\t<meta property=\"og:image:height\" content=\"620\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Janki Mehta\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@certera_llc\" \/>\n<meta name=\"twitter:site\" content=\"@certera_llc\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Janki Mehta\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\\\/\"},\"author\":{\"name\":\"Janki Mehta\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/person\\\/e5a476aa90d9e02260ebfe4b0bf046b7\"},\"headline\":\"The End of WHOIS-Based DCV Methods: What You Need to Know and How to Transition\",\"datePublished\":\"2025-01-09T07:11:34+00:00\",\"dateModified\":\"2025-01-09T07:14:54+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\\\/\"},\"wordCount\":1494,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/01\\\/end-of-who-based-email-validation.webp\",\"keywords\":[\"WHOIS-Email DCV Deprecation\"],\"articleSection\":[\"SSL Certificate\",\"Website Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/certera.com\\\/blog\\\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\\\/#respond\"]}],\"copyrightYear\":\"2025\",\"copyrightHolder\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\\\/\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\\\/\",\"name\":\"End of WHOIS-Based Domain Validation Method: Transition to Alternative DCV\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/01\\\/end-of-who-based-email-validation.webp\",\"datePublished\":\"2025-01-09T07:11:34+00:00\",\"dateModified\":\"2025-01-09T07:14:54+00:00\",\"description\":\"All Public Trusted CA no longer allow certificates to be issued based on a WHOIS email address validation. Domains must be re-validated.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/certera.com\\\/blog\\\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\\\/#primaryimage\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/01\\\/end-of-who-based-email-validation.webp\",\"contentUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/01\\\/end-of-who-based-email-validation.webp\",\"width\":960,\"height\":620,\"caption\":\"WHOIS-Email DCV Deprecation\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/certera.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The End of WHOIS-Based DCV Methods: What You Need to Know and How to Transition\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/\",\"name\":\"EncryptedFence by Certera - Web & Cyber Security Blog\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\"},\"alternateName\":\"Certera's EncryptedFence Blog\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/certera.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\",\"name\":\"Certera\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-encryptedfence.svg\",\"contentUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-encryptedfence.svg\",\"caption\":\"Certera\"},\"image\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/certeraLLC\\\/\",\"https:\\\/\\\/x.com\\\/certera_llc\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/certera-llc\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/person\\\/e5a476aa90d9e02260ebfe4b0bf046b7\",\"name\":\"Janki Mehta\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g\",\"caption\":\"Janki Mehta\"},\"description\":\"Janki Mehta is a passionate Cyber-Security Enthusiast who keenly monitors the latest developments in the Web\\\/Cyber Security industry. She puts her knowledge into practice and helps web users by arming them with the necessary security measures to stay safe in the digital world.\",\"sameAs\":[\"https:\\\/\\\/certerassl.com\\\/\"],\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/author\\\/certerabguser\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"End of WHOIS-Based Domain Validation Method: Transition to Alternative DCV","description":"All Public Trusted CA no longer allow certificates to be issued based on a WHOIS email address validation. Domains must be re-validated.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/certera.com\/blog\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\/","og_locale":"en_US","og_type":"article","og_title":"End of WHOIS-Based Domain Validation Method: Transition to Alternative DCV","og_description":"All Public Trusted CA no longer allow certificates to be issued based on a WHOIS email address validation. Domains must be re-validated.","og_url":"https:\/\/certera.com\/blog\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\/","og_site_name":"EncryptedFence by Certera - Web &amp; Cyber Security Blog","article_publisher":"https:\/\/www.facebook.com\/certeraLLC\/","article_published_time":"2025-01-09T07:11:34+00:00","article_modified_time":"2025-01-09T07:14:54+00:00","og_image":[{"width":960,"height":620,"url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/01\/end-of-who-based-email-validation.webp","type":"image\/jpeg"}],"author":"Janki Mehta","twitter_card":"summary_large_image","twitter_creator":"@certera_llc","twitter_site":"@certera_llc","twitter_misc":{"Written by":"Janki Mehta","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/certera.com\/blog\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\/#article","isPartOf":{"@id":"https:\/\/certera.com\/blog\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\/"},"author":{"name":"Janki Mehta","@id":"https:\/\/certera.com\/blog\/#\/schema\/person\/e5a476aa90d9e02260ebfe4b0bf046b7"},"headline":"The End of WHOIS-Based DCV Methods: What You Need to Know and How to Transition","datePublished":"2025-01-09T07:11:34+00:00","dateModified":"2025-01-09T07:14:54+00:00","mainEntityOfPage":{"@id":"https:\/\/certera.com\/blog\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\/"},"wordCount":1494,"commentCount":0,"publisher":{"@id":"https:\/\/certera.com\/blog\/#organization"},"image":{"@id":"https:\/\/certera.com\/blog\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\/#primaryimage"},"thumbnailUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/01\/end-of-who-based-email-validation.webp","keywords":["WHOIS-Email DCV Deprecation"],"articleSection":["SSL Certificate","Website Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/certera.com\/blog\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\/#respond"]}],"copyrightYear":"2025","copyrightHolder":{"@id":"https:\/\/certera.com\/blog\/#organization"}},{"@type":"WebPage","@id":"https:\/\/certera.com\/blog\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\/","url":"https:\/\/certera.com\/blog\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\/","name":"End of WHOIS-Based Domain Validation Method: Transition to Alternative DCV","isPartOf":{"@id":"https:\/\/certera.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/certera.com\/blog\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\/#primaryimage"},"image":{"@id":"https:\/\/certera.com\/blog\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\/#primaryimage"},"thumbnailUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/01\/end-of-who-based-email-validation.webp","datePublished":"2025-01-09T07:11:34+00:00","dateModified":"2025-01-09T07:14:54+00:00","description":"All Public Trusted CA no longer allow certificates to be issued based on a WHOIS email address validation. Domains must be re-validated.","breadcrumb":{"@id":"https:\/\/certera.com\/blog\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/certera.com\/blog\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/certera.com\/blog\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\/#primaryimage","url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/01\/end-of-who-based-email-validation.webp","contentUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/01\/end-of-who-based-email-validation.webp","width":960,"height":620,"caption":"WHOIS-Email DCV Deprecation"},{"@type":"BreadcrumbList","@id":"https:\/\/certera.com\/blog\/end-of-whois-based-dcv-methods-what-you-need-to-know-and-how-to-transition\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/certera.com\/blog\/"},{"@type":"ListItem","position":2,"name":"The End of WHOIS-Based DCV Methods: What You Need to Know and How to Transition"}]},{"@type":"WebSite","@id":"https:\/\/certera.com\/blog\/#website","url":"https:\/\/certera.com\/blog\/","name":"EncryptedFence by Certera - Web & Cyber Security Blog","description":"","publisher":{"@id":"https:\/\/certera.com\/blog\/#organization"},"alternateName":"Certera's EncryptedFence Blog","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/certera.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/certera.com\/blog\/#organization","name":"Certera","url":"https:\/\/certera.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/certera.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2023\/08\/logo-encryptedfence.svg","contentUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2023\/08\/logo-encryptedfence.svg","caption":"Certera"},"image":{"@id":"https:\/\/certera.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/certeraLLC\/","https:\/\/x.com\/certera_llc","https:\/\/www.linkedin.com\/company\/certera-llc\/"]},{"@type":"Person","@id":"https:\/\/certera.com\/blog\/#\/schema\/person\/e5a476aa90d9e02260ebfe4b0bf046b7","name":"Janki Mehta","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","caption":"Janki Mehta"},"description":"Janki Mehta is a passionate Cyber-Security Enthusiast who keenly monitors the latest developments in the Web\/Cyber Security industry. She puts her knowledge into practice and helps web users by arming them with the necessary security measures to stay safe in the digital world.","sameAs":["https:\/\/certerassl.com\/"],"url":"https:\/\/certera.com\/blog\/author\/certerabguser\/"}]}},"_links":{"self":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/3201","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/comments?post=3201"}],"version-history":[{"count":8,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/3201\/revisions"}],"predecessor-version":[{"id":3212,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/3201\/revisions\/3212"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/media\/3203"}],"wp:attachment":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/media?parent=3201"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/categories?post=3201"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/tags?post=3201"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}