PKI certificate metadata in Vault

In HashiCorp Vault 1.17, custom metadata can now be created and submitted with the certificate signing request (CSR), automating the retention and association of metadata with issued certificates. This feature allows users to associate custom attributes with their PKI certificates beyond the standard data available on them. Custom metadata can be used for various purposes such as tracking business information, PKI administration, and operational information. The expiration date of the certificate is stored on the metadata entry itself, allowing automatic deletion once the certificate has expired or been revoked.