I'm going to admit that I'm a bit confused by this thread. I'd like to start at the top to make sure I'm understanding correctly.
This statement sounds to me like "I'd like to be able to put the CA-provided random value in a SRV record, instead of in a TXT record, to fulfill domain control validation". But then:
This makes it sound like you want to complete domain control validation without updating any DNS records.
So I think what you're saying is: "I would like to complete HTTP-01 validation (or something like it) but have the CA connect to an IP:Port found in a SRV record instead of an IP found in an A/AAAA record". @_wojtek is that understanding of your question correct?
Assuming this interpretation is correct, the short answer is: no, you cannot do this. The Baseline Requirements specify that, in the course of connecting to the Authorization Domain Name, only two kinds of redirects can be followed: DNS CNAMEs, and HTTP 3XX. We cannot use SRV records to perform lookups.
Beyond that, I'm slightly confused as to why this request would be relevant at all. SRV records are useful for service discovery. You might perform a DNS query for an identifier like _xmpp._tcp.example.com, and the response would be something like IN SRV 5 0 5223 example.com. The original query _xmpp._tcp.example.com is not a "real" domain name, it is a combination of domain + protocol + service which is used as a lookup key, and the response tells you what domain name to actually perform A record lookups on to find the relevant IP address. There is no need to get a certificate for _xmpp._tcp.example.com, and indeed it is impossible to do so, since underscore is not a valid character in the Preferred Name Syntax. So there's no way for our validation process to encounter a SRV record at all: requesting issuance for _xmpp._tcp.example.com will fail immediately as that is not a valid domain name, and requesting issuance for example.com would not prompt us to look up any potential SRV records for any potential service+protocols that we suspect may be running on that hostname.
If you want to get TLS certificates for your XMPP server running on example.com:5223, then the easiest solution is to also run an HTTP server on example.com:80, use that to obtain certificates, and then share those certificates with the XMPP server.