This article describes the procedures and requirements of .insurance domain names.
Click on the subject below to open the dropdown for more information.

Average registration period is 6-24 hrs in case if all requirements were complied.
Successful domain registration via RCP or API requires:

NB: In case of successful registration, domain will resolve only if DNS delegation requirements are met.

Successful domain DNS delegation requires:

  • At least 2 nameservers in .insurance zone
  • Domain must be secured with DNSSEC
  • Domain must be secured with an SSL certificate
  • Full security requirements on the registry's website

Successful domain transfer via RCP or API requires:

During the transfer period which can take 6 days, the current provider or the owner can reject to the transfer.

The registration period after a successful transfer will extend with 1 year, unless the transfer is ordered within the domain's auto-renew grace period at the previous registrar.

Problems transferring your domain?
Please take a look at this extended article for possible solutions.

Additional notes on a .insurance transfer

  • As long as the registrant (company name, contact name and e-mail address) do not change during the transfer, no re-verification of the registrant is required.
  • If any of those data does change, the registry will start a new verification process, similar to that of a new domain name or a trade (owner change).
Authorization code required yes
Method of confirmation authcode,email
Registration period after transfer extends
Average transfer time Max. 6 days
Advanced and simple transfers available Contact our Sales department to check if easy transfer of 100 or more .insurance domains is available.

Owner change (trade)

  • requested as a normal domain update via RCP or API
  • processed realtime
  • both previous and new registrant will receive an e-mail. This is a notification only, no action is required.
  • registrant e-mail address verification applies
  • Domain owner verification required - registry will send e-mails to old and new owner with explanations. Process is similar to domain registration verification process

Other update

  • requested via RCP or API
  • processed realtime


If as part of the update the domain owner’s e-mail address changes, we’re obliged to start a contact verification process if this new e-mail address was not verified before.


Explicit delete

  • Requested via RCP or API
  • processed realtime
  • will directly result in quarantine (redemption period)  (no soft quarantine applies)

In case the domain expires (not renewed in time);

  • will not be deleted directly at the registry
  • will lead to soft quarantine, followed by regular quarantine

Restore / reactivate

  • restore / reactivation supported via RCP or API
  • quarantine periods can be found under
    Detailed extension information > Technical information > Quarantine period
  • After quarantine, 5 days PendingDelete period (restore not possible)
Domain lifecycle
Technical information
  • DNSSEC support: no
  • Minimum length: 3 characters
  • Maximum length: 63 characters
  • Allowed characters: a-z, 0-9, -
  • IDN characters: yes
  • Registration period: 1-10 years
  • Renewal date offset: 0 days
    The number of days before the registry's expiration date, that Openprovider requires the domain to be renewed or expired. More info.
    Note that the dates as shown in your Openprovider account are always leading, even if they do not match the renewal date offset mentioned here.
  • Soft quarantine period: 44 days
    During this period, following after an expiration, the domain can be restored for free. This period does not apply if the domain is deleted explicitly. More info.
  • Quarantine period: 28 days
    During this period, an expired or deleted domain name can be reactivated at an additional fee.
  • Local presence required? no
  • Does Openprovider provide local presence services? n/a
  • Local activity required? no
  • Correct nameserver configuration required? no
  • The domain name must match the registrant's trademark, trade name or service mark.
  • Strict eligibility requirements apply. Summarized, the registrant must be a insurance-related entity. This eligibility validation is performed before initial registration and each next year. Full information can be found in the registry's eligibility policy.
  • Ineligible domains may still be accepted by the registry in some cases, but those domains will not resolve. Please refer to the eligibility policies for full information.
  • DNSSEC is required
  • Only in-zone nameservers (nameservers within the .insurance zone like ns1.yourdomainname.insurance) may be used.
  • If you reseller .insurance domains to your customers, two-factor authentication is required.
  • Domain fees for requests that could not be validated will be refunded only partially.
  • SSL certificate is required. The registry has added the complete .insurance zone to the HSTS preload list to enforce this requirement.
Registration agreement The registry requires that a registration agreement is in place between the provider and the domain holder. The text of this registration agreement and any required supplements is the following:

Due to the regular changes in registry rules and configuration or missing information from registry side, and despite our effort to keep our knowledge base up-to-date, information in the knowledge base may be outdated or incorrect. If you encounter some issue, please report it through the "HotJar" feedback collector on the bottom right, or (if it is blocked by your browser) by clicking the "Submit a request" link below. No rights can be derived from the information in this knowledge base. If there is discrepancy between the knowledge base and the process in Openprovider, the process in Openprovider is leading.

Was this article helpful?
Additional questions? Submit a request