Skip to main content

Custom attributes

Custom attributes are user-defined metadata fields that store business-specific information, such as service departments or cost centers. These attributes can be managed, searched, and updated throughout the certificate lifecycle. To add depth to a certificate profile, your users can assign custom attributes. For example, you could have fields to indicate the certificate's purpose, origin, or owner.

Required permissions

You must have the Manage custom attributes permission or the Custom attribute manager role to create an attribute. To add an attribute to a certificate profile, you must have the View custom attributes permission to create attributes.

You can set up a maximum of 10 custom attributes in an account and associate them with profiles or certificates with the appropriate permission.

Create a custom attribute

To create a custom attribute, select Account > Settings > Custom attributes. You can create the following types of attributes:

Attribute type

Description

Dropdown list

A specified set of values that users can create. For example, a list of business units in your organization. Can be a required or optional field. You can specify a default value that will be used during certificate renewals.

Note

When dropdown list type attributes are marked as required, new values can be added to the dropdown. However, existing values cannot be removed.

Fixed value

A single value. For example, a business unit in your organization.

Text field

An empty field where users enter a value. Can be required or optional. You can specify a default value that will be used during certificate renewals.

In the Account > Settings > Custom attributes page, authorized administrators can create, edit, and delete custom attributes. When deleting a custom attribute, all associated profiles and/or certificates will no longer be linked to the deleted attribute.

Use custom attributes

After an authorized administrator configures custom attributes, they can be assigned to a profile.

  • Web-based profiles (For example, CSR, Browser PKCS12, DigiCert Trust Assistant, Automated Enrollment, Admin Web Requests): Any configured custom attribute can be selected and applied to certificates issued or renewed from the profile. If a text field attribute is used, it can include a Regular Expression (REGEX) to validate user input.

  • Automated profiles (For example, REST API, ACME, SCEP, EST, Microsoft AutoEnrollment): Only custom attributes with Fixed values can be assigned, ensuring certificates issued or renewed automatically follow predefined settings.

Publication date: