Custom attributes are user-defined metadata fields that store business-specific information, such as service departments or cost centers. These attributes can be managed, searched, and updated throughout the certificate lifecycle. To add depth to a certificate profile, your users can assign custom attributes. For example, you could have fields to indicate the certificate's purpose, origin, or owner.
Required permissions
You must have the Manage custom attributes permission or the Custom attribute manager role to create an attribute. To add an attribute to a certificate profile, you must have the View custom attributes permission to create attributes.
You can set up a maximum of 10 custom attributes in an account and associate them with profiles or certificates with the appropriate permission.
Create a custom attribute
To create a custom attribute, select Account > Settings > Custom attributes. You can create the following types of attributes:
Attribute type | Description |
---|---|
Dropdown list | A specified set of values that users can create. For example, a list of business units in your organization. Can be a required or optional field. You can specify a default value that will be used during certificate renewals. NoteWhen dropdown list type attributes are marked as required, new values can be added to the dropdown. However, existing values cannot be removed. |
Fixed value | A single value. For example, a business unit in your organization. |
Text field | An empty field where users enter a value. Can be required or optional. You can specify a default value that will be used during certificate renewals. |
In the Account > Settings > Custom attributes page, authorized administrators can create, edit, and delete custom attributes. When deleting a custom attribute, all associated profiles and/or certificates will no longer be linked to the deleted attribute.
Use custom attributes
After an authorized administrator configures custom attributes, they can be assigned to a profile.
Web-based profiles (For example, CSR, Browser PKCS12, DigiCert Trust Assistant, Automated Enrollment, Admin Web Requests): Any configured custom attribute can be selected and applied to certificates issued or renewed from the profile. If a text field attribute is used, it can include a Regular Expression (REGEX) to validate user input.
Automated profiles (For example, REST API, ACME, SCEP, EST, Microsoft AutoEnrollment): Only custom attributes with Fixed values can be assigned, ensuring certificates issued or renewed automatically follow predefined settings.