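-- BAY-STACK-DIGITAL-CERT
-- Enterprise MIB (Avaya) for digital certificate management: CSR subject
-- fields, import/export and file operations on the certificate store, and
-- tables describing key pairs, CA entries and stored certificates.
--
-- Layout note: the module is written one clause per line so that every
-- comment ends at its own line end. In a collapsed single-line form the
-- REVISION and section comments would swallow the clauses that follow them.
--
-- Review notes for operators:
--   * bsDigitalCertPkcs12Passphrase and bsDigitalCertCaActionChallengePassword
--     are writable DisplayStrings that carry secrets. This module does not
--     say what the agent returns when they are read, so confirm that and
--     limit both read and write views (SNMPv3 authPriv plus VACM).
--   * The import/export, file management and CA action objects change the
--     key store and the trust store. Write access to them is equivalent to
--     certificate administration on the device.
--   * bsDigitalCertNotifications is registered but this module defines no
--     NOTIFICATION-TYPE, so certificate expiry and failed actions have to be
--     detected by polling the status and validity objects.
BAY-STACK-DIGITAL-CERT DEFINITIONS ::= BEGIN

-- NOTE(review): Unsigned32 is imported but not referenced in this module.
IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE, Integer32, Unsigned32
        FROM SNMPv2-SMI
    DisplayString, TruthValue, RowStatus, DateAndTime
        FROM SNMPv2-TC
    RcLongDisplayString
        FROM RAPID-CITY
    bayStackMibs
        FROM SYNOPTICS-ROOT-MIB;

bayStackDigitalCert MODULE-IDENTITY
    LAST-UPDATED "201712080000Z"
    ORGANIZATION "Avaya"
    CONTACT-INFO "avaya.com"
    DESCRIPTION
        "Enterprise MIB for the Digital Certificate mibs."

    REVISION "201712080000Z" -- December 08, 2017
    DESCRIPTION
        "Ver 3:
         * Add bits ssh-server(5), ssh-client(6) in bsDigitalCertUseFor"

    REVISION "201709210000Z" -- September 21, 2017
    DESCRIPTION
        "Ver 2:
         * Add object bsDigitalCertSubjectFqdn under
           bsDigitalCertSubjectScalars
         * Add bsDigitalCertForceReplacement under
           bsDigitalCertImportExport
         * Remove objects bsDigitalCertFileActionStatus and
           bsDigitalCertFileActionError from bsDigitalCertFileMgmt
         * Add objects bsDigitalCertChainPosition, bsDigitalCertSha1Hash
           and bsDigitalCertMd5Hash under bsDigitalCertEntry
         * Add object bsDigitalCertCaChainComplete under
           bsDigitalCertCaEntry
         * Add values raCert and crl in enum bsDigitalCertType
         * Reversed order of objects bsDigitalCertFileName,
           bsDigitalCertAssociatedContextName and
           bsDigitalCertAssociatedContextType under bsDigitalCertEntry"

    -- The timestamp below reads 2017-05-04 (May 04, 2017); the original
    -- comment on this line said April 5, 2017. Confirm which one is meant.
    REVISION "201705040000Z"
    DESCRIPTION
        "Ver 1: Initial version."
    ::= { bayStackMibs 48 }

-- Registration points. No notification is defined under
-- bsDigitalCertNotifications in this module.
bsDigitalCertNotifications  OBJECT IDENTIFIER ::= { bayStackDigitalCert 0 }
bsDigitalCertObjects        OBJECT IDENTIFIER ::= { bayStackDigitalCert 1 }
bsDigitalCertScalars        OBJECT IDENTIFIER ::= { bsDigitalCertObjects 1 }
bsDigitalCertSubjectScalars OBJECT IDENTIFIER ::= { bsDigitalCertScalars 1 }
bsDigitalCertImportExport   OBJECT IDENTIFIER ::= { bsDigitalCertScalars 2 }
bsDigitalCertFileMgmt       OBJECT IDENTIFIER ::= { bsDigitalCertScalars 3 }

-- scalar objects
-- subject
-- These scalars hold the subject fields placed in the Certificate Signing
-- Request. All are read-write, so whoever can write them decides the
-- identity the device asks the CA to certify.

bsDigitalCertSubjectCommonName OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..64))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The value of the Common Name field of the subject sending the
         Certificate Signing Request to the Certificate Authority"
    ::= { bsDigitalCertSubjectScalars 1 }

bsDigitalCertSubjectEmailAddress OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..254))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The Email Address of the subject sending the Certificate Signing
         Request to the Certificate Authority"
    ::= { bsDigitalCertSubjectScalars 2 }

bsDigitalCertSubjectOrganizationalUnit OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..64))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The Organizational Unit field of the subject sending the
         Certificate Signing Request to the Certificate Authority"
    ::= { bsDigitalCertSubjectScalars 3 }

bsDigitalCertSubjectOrganization OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..64))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The Organization of the subject sending the Certificate Signing
         Request to the Certificate Authority"
    ::= { bsDigitalCertSubjectScalars 4 }

bsDigitalCertSubjectLocality OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..128))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The name of the Locality of the subject sending the Certificate
         Signing Request to the Certificate Authority"
    ::= { bsDigitalCertSubjectScalars 5 }

bsDigitalCertSubjectProvince OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..128))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The Province name of the subject sending the Certificate Signing
         Request to the Certificate Authority"
    ::= { bsDigitalCertSubjectScalars 6 }

bsDigitalCertSubjectCountry OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..2))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The name of the country of the subject sending the Certificate
         Signing Request to the Certificate Authority"
    ::= { bsDigitalCertSubjectScalars 7 }

bsDigitalCertSubjectIncludeIpAddress OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Specifies whether all IP addresses will be included in the
         Subject Alternative Name extension of the Certificate Signing
         Request"
    ::= { bsDigitalCertSubjectScalars 8 }

bsDigitalCertSubjectFqdn OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..128))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The fully qualified name of the subject"
    ::= { bsDigitalCertSubjectScalars 9 }

-- import and export
-- The objects below are parameters; the operation itself is started by
-- writing bsDigitalCertAction and its outcome is read back from
-- bsDigitalCertActionStatus and bsDigitalCertActionError.

-- The keypair(4) and pkcs12(3) resource types can be combined with the
-- export action, which moves private key material off the device. No
-- per-key export restriction is defined in this module.
bsDigitalCertLocalResource OBJECT-TYPE
    SYNTAX      INTEGER {
                    file(1),
                    csr(2),
                    pkcs12(3),
                    keypair(4),
                    pkcs7(5)
                }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The type of resource to be exported"
    ::= { bsDigitalCertImportExport 1 }

-- NOTE(review): this secret is a read-write DisplayString. The module does
-- not state whether a read returns the stored passphrase or a masked or
-- empty value; confirm the agent behaviour. SNMPv1 and SNMPv2c would carry
-- the value unencrypted, so restrict the object to SNMPv3 authPriv users
-- and leave it out of general read views.
bsDigitalCertPkcs12Passphrase OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..128))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Specifies the passphrase to use for encrypting and decrypting
         pkcs#12 containers"
    ::= { bsDigitalCertImportExport 2 }

-- NOTE(review): the module places no constraint on the characters of this
-- name beyond DisplayString; confirm that the agent validates it and keeps
-- it inside the certificate store.
bsDigitalCertLocalName OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..254))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The name of the file or key pair to be imported or exported from
         nvram. Ignored for CSR, PKCS#7 and PKCS#12."
    ::= { bsDigitalCertImportExport 3 }

bsDigitalCertFileAssociatedContextName OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..45))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The name of the context to associate imported and exported files"
    ::= { bsDigitalCertImportExport 4 }

-- Importing into a truststore(2) context adds material the device will
-- presumably treat as trusted; audit writes that select it.
bsDigitalCertFileAssociatedContextType OBJECT-TYPE
    SYNTAX      INTEGER {
                    ca(1),
                    truststore(2)
                }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The type of the context to associate imported and exported files "
    ::= { bsDigitalCertImportExport 5 }

-- NOTE(review): holds both the address and the file name of the remote
-- location. The format and any validation are not described here.
bsDigitalCertRemoteFileName OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..254))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The address and name of the file to be imported or exported on a
         remote location"
    ::= { bsDigitalCertImportExport 6 }

bsDigitalCertFileSupport OBJECT-TYPE
    SYNTAX      INTEGER {
                    usb(1),
                    sftp(2)
                }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The storage type of the file to be imported or exported"
    ::= { bsDigitalCertImportExport 7 }

-- NOTE(review): only the SFTP user name is modelled. How the SFTP session
-- is authenticated, and how the server host key is checked, is not visible
-- in this module.
bsDigitalCertSftpUsername OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..128))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The username to log into when accessing the SFTP server"
    ::= { bsDigitalCertImportExport 8 }

bsDigitalCertUsbUnitNumber OBJECT-TYPE
    SYNTAX      Integer32 (0..8)
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The unit number whose USB to access"
    ::= { bsDigitalCertImportExport 9 }

-- When true, an import silently replaces an existing file of the same
-- name. For certificates and trust anchors that is a change worth logging.
bsDigitalCertForceReplacement OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Controls whether a name conflict will be resolved by replacing
         the old file with the new one"
    ::= { bsDigitalCertImportExport 10 }

-- Trigger object for the import/export group. Includes delete(4).
bsDigitalCertAction OBJECT-TYPE
    SYNTAX      INTEGER {
                    noop(1),
                    import(2),
                    export(3),
                    delete(4)
                }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Specifies the action to be taken on the previously specified file"
    ::= { bsDigitalCertImportExport 11 }

bsDigitalCertActionStatus OBJECT-TYPE
    SYNTAX      INTEGER {
                    none(1),
                    success(2),
                    failed(3),
                    inprogress(4)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Displays the status of the latest action"
    ::= { bsDigitalCertImportExport 12 }

bsDigitalCertActionError OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..128))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Displays the error message that occurent during the latest
         action, if any"
    ::= { bsDigitalCertImportExport 13 }

-- file management
-- Copy and move operations between CA and truststore contexts. The Ver 2
-- revision removed the status and error objects of this group, so the
-- outcome of bsDigitalCertFileAction is not reported by any object here.

bsDigitalCertSourceFileName OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..254))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The name of the file to be copied, moved or renamed"
    ::= { bsDigitalCertFileMgmt 1 }

bsDigitalCertSourceContextName OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..45))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The name of the context where the source file is located"
    ::= { bsDigitalCertFileMgmt 2 }

bsDigitalCertSourceContextType OBJECT-TYPE
    SYNTAX      INTEGER {
                    ca(1),
                    truststore(2)
                }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The type of the context where the source file is located"
    ::= { bsDigitalCertFileMgmt 3 }

bsDigitalCertDestinationFileName OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..254))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "A new name for the source file or its copy"
    ::= { bsDigitalCertFileMgmt 4 }

bsDigitalCertDestinationContextName OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..45))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The name of the context where to place the source file or its
         copy"
    ::= { bsDigitalCertFileMgmt 5 }

-- A copy or move whose destination type is truststore(2) changes what the
-- device presumably trusts; treat writes here like a trust-store edit.
bsDigitalCertDestinationContextType OBJECT-TYPE
    SYNTAX      INTEGER {
                    ca(1),
                    truststore(2)
                }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The type of the context where to place the source file or its
         copy"
    ::= { bsDigitalCertFileMgmt 6 }

bsDigitalCertFileAction OBJECT-TYPE
    SYNTAX      INTEGER {
                    noop(1),
                    copy(2),
                    move(3)
                }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Specifies the action to be taken on the previously specified
         file. Moving a file within the same CA entry will result in a
         rename."
    ::= { bsDigitalCertFileMgmt 7 }

-- key table

bsDigitalCertKeyTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF BsDigitalCertKeyEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "Table containing all the information related to the key-pair,
         required to get the Digital Certificate from the Certificate
         Authority."
    ::= { bsDigitalCertObjects 2 }

-- NOTE(review): the description mentions whether the user is allowed to
-- export the key pair, but BsDigitalCertKeyEntry has no column for that.
bsDigitalCertKeyEntry OBJECT-TYPE
    SYNTAX      BsDigitalCertKeyEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The entry specifies the key-pair name, size, the algorithm used
         for the generation of key-pair and if the user is allowed to
         export it."
    INDEX       { bsDigitalCertKeyName }
    ::= { bsDigitalCertKeyTable 1 }

BsDigitalCertKeyEntry ::= SEQUENCE {
    bsDigitalCertKeyName         DisplayString,
    bsDigitalCertKeyType         INTEGER,
    bsDigitalCertKeySize         Integer32,
    bsDigitalCertKeyFingerprint  DisplayString,
    bsDigitalCertKeyRowStatus    RowStatus
}

-- NOTE(review): this index allows 46 characters while
-- bsDigitalCertCaKeyName, which refers to it, allows 45.
bsDigitalCertKeyName OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..46))
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "Refers to the name of the key-pair generated or imported for the
         subject"
    ::= { bsDigitalCertKeyEntry 1 }

-- Only RSA is defined.
bsDigitalCertKeyType OBJECT-TYPE
    SYNTAX      INTEGER {
                    rsa (1)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Defines the algorithm used to generate the key-pair"
    ::= { bsDigitalCertKeyEntry 2 }

-- The only permitted value is 2048. Larger keys cannot be represented
-- without a MIB revision.
bsDigitalCertKeySize OBJECT-TYPE
    SYNTAX      Integer32 (2048)
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Defines the size of the key-pair to be generated "
    ::= { bsDigitalCertKeyEntry 3 }

-- SHA-1 is adequate as a display identifier but is no longer collision
-- resistant; do not treat a fingerprint match as proof of key identity
-- on its own.
bsDigitalCertKeyFingerprint OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..60))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Displays the SHA1 fingerprint of the key pair"
    ::= { bsDigitalCertKeyEntry 4 }

-- Row creation and deletion presumably generate and destroy the key pair;
-- the module only says entries are created and deleted. Confirm, and log
-- writes to this column.
bsDigitalCertKeyRowStatus OBJECT-TYPE
    SYNTAX      RowStatus
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "Used to create/delete entries"
    ::= { bsDigitalCertKeyEntry 5 }

-- ca table

bsDigitalCertCaTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF BsDigitalCertCaEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "Table containing all the information related to the Certificate
         Authority issuing the Digital Certificate"
    ::= { bsDigitalCertObjects 3 }

bsDigitalCertCaEntry OBJECT-TYPE
    SYNTAX      BsDigitalCertCaEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "Entry containing information about the Certificate Authority"
    INDEX       { bsDigitalCertCaName }
    ::= { bsDigitalCertCaTable 1 }

BsDigitalCertCaEntry ::= SEQUENCE {
    bsDigitalCertCaName                            DisplayString,
    bsDigitalCertCaCommonName                      DisplayString,
    bsDigitalCertCaKeyName                         DisplayString,
    bsDigitalCertCaCaUrl                           RcLongDisplayString,
    bsDigitalCertCaAction                          INTEGER,
    bsDigitalCertCaActionChallengePassword         DisplayString,
    bsDigitalCertCaAuthenticated                   TruthValue,
    bsDigitalCertCaLastActionStatus                INTEGER,
    bsDigitalCertCaLastActionFailureReason         DisplayString,
    bsDigitalCertCaSubjectCertificateValidityDays  Integer32,
    bsDigitalCertCaUsePost                         TruthValue,
    bsDigitalCertUseFor                            BITS,
    bsDigitalCertRegenerateKeyOnEnroll             TruthValue,
    bsDigitalCertCaChainComplete                   TruthValue,
    bsDigitalCertCaRowStatus                       RowStatus
}

bsDigitalCertCaName OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(1..45))
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "User defined name referring to the Certificate Authority issuing
         the Digital Certificate"
    ::= { bsDigitalCertCaEntry 1 }

bsDigitalCertCaCommonName OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..64))
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "Defines the Common Name of the Certificate Authority issuing the
         Digital Certificate"
    ::= { bsDigitalCertCaEntry 2 }

bsDigitalCertCaKeyName OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..45))
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "Defines the name of the associated key pair .
         It refers to the Key Name entry of the bsDigitalCertKeyTable"
    ::= { bsDigitalCertCaEntry 3 }

-- Writable enrolment endpoint. The URL scheme is not constrained here, so
-- whoever can write this column chooses which server the device enrols
-- with.
bsDigitalCertCaCaUrl OBJECT-TYPE
    SYNTAX      RcLongDisplayString (SIZE(0..1000))
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "Defines the URL of the Certificate Authority issuing the Digital
         Certificate"
    ::= { bsDigitalCertCaEntry 4 }

-- Trigger object for CA operations. caauth(2) relies on the root CA
-- certificate fetched earlier by getCaCert(8); no object in this module
-- takes an expected fingerprint, so comparing the retrieved root against a
-- value obtained out of band is left to the operator.
bsDigitalCertCaAction OBJECT-TYPE
    SYNTAX      INTEGER {
                    noop(1),
                    caauth(2),
                    enroll(3),
                    renew(4),
                    remove(5),
                    getCrl(6),
                    genSelfSig(7),
                    getCaCert(8)
                }
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "specifies the various actions Certificate Authority can take-
         'noop'      - No operation
         'caauth'    - Athenticates the Certificate Authority (CA) based
                       on the previously retrieved Root CA Certificate.
         'enroll'    - Certificate Enrolment Request.
         'renew'     - Certificate Renew Request.
         'remove'    - Removes the subject certificate obtained online
                       from the Certificate Authority.
         'getCrl'    - Get the Certificate Revocation List from the CDP.
         'genSelfSig'- Generate a self-signed certificate.
         'getCaCert' - Retrieve Root CA certificate from the Certificate
                       Authority"
    ::= { bsDigitalCertCaEntry 5 }

-- NOTE(review): the SCEP challenge password is a read-create DisplayString.
-- Whether a read returns it is not stated; confirm the agent behaviour and
-- restrict the column to SNMPv3 authPriv users, outside general read views.
bsDigitalCertCaActionChallengePassword OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..128))
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "specifies the challenge password required to perform the scep
         operation"
    ::= { bsDigitalCertCaEntry 6 }

bsDigitalCertCaAuthenticated OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Specifies whether the Online Certificate Authority is
         authenticated"
    ::= { bsDigitalCertCaEntry 7 }

-- Uses inProgress(4); the scalar bsDigitalCertActionStatus spells the same
-- state inprogress(4).
bsDigitalCertCaLastActionStatus OBJECT-TYPE
    SYNTAX      INTEGER {
                    none(1),
                    success(2),
                    failed(3),
                    inProgress(4)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Specifies the status of the last action
         'none'       - No action was performed yet.
         'success'    - Execution of the action triggered is completed
                        successfully.
         'failed'     - Execution of the action triggered has failed.
         'inProgress' - Execution of the action triggered is in progress.
        "
    ::= { bsDigitalCertCaEntry 8 }

bsDigitalCertCaLastActionFailureReason OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..81))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Defines the reason of failure for the last action performed by
         the Certificate Authority"
    ::= { bsDigitalCertCaEntry 9 }

bsDigitalCertCaSubjectCertificateValidityDays OBJECT-TYPE
    SYNTAX      Integer32 (7..1185)
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "Number of days for which subject certificate will remain valid"
    DEFVAL      { 365 }
    ::= { bsDigitalCertCaEntry 10 }

bsDigitalCertCaUsePost OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "specifies the HTTP request type : URL or POST , TRUE for EJBCA
         and FALSE for Win2012 CA"
    DEFVAL      { true }
    ::= { bsDigitalCertCaEntry 11 }

-- NOTE(review): the labels ssl-server, ssl-client, ssh-server and
-- ssh-client contain hyphens, which SMIv2 (RFC 2578) does not allow in
-- BITS labels; strict compilers may warn. They are left unchanged because
-- renaming them would break existing references to the labels.
bsDigitalCertUseFor OBJECT-TYPE
    SYNTAX      BITS {
                    ike(0),
                    ssl-server(1),
                    ssl-client(2),
                    slamon(3),
                    cloud(4),
                    ssh-server(5),
                    ssh-client(6)
                }
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "Specifies for what features will use the subject certificate
         from this CA.
         Features are represented in form of bits as follows:
         bit 0 - IKE
         bit 1 - SSL server
         bit 2 - SSL client
         bit 3 - SLAmon
         bit 4 - Cloud
         bit 5 - SSH server
         bit 6 - SSH client"
    ::= { bsDigitalCertCaEntry 12 }

-- Defaults to false, so a re-enrol keeps the existing key pair unless this
-- is set. Rotation after a suspected key exposure needs it set to true.
bsDigitalCertRegenerateKeyOnEnroll OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "Specifies whether the associated key pair will be regenerated on
         re-enroll"
    DEFVAL      { false }
    ::= { bsDigitalCertCaEntry 13 }

bsDigitalCertCaChainComplete OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Specifies whether the CA entry contains a complete certificate
         chain"
    ::= { bsDigitalCertCaEntry 14 }

bsDigitalCertCaRowStatus OBJECT-TYPE
    SYNTAX      RowStatus
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "Used to create/delete entries"
    ::= { bsDigitalCertCaEntry 15 }

-- certificates table
-- Read-only view of the stored certificates and CRLs. With no notification
-- defined in this module, bsDigitalCertValidEndPeriod, bsDigitalCertStatus
-- and bsDigitalCertCertificateSignatureAlgorithm are the objects to poll
-- for expiry and weak-signature monitoring.

bsDigitalCertTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF BsDigitalCertEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "Table of information about digital certificates"
    ::= { bsDigitalCertObjects 4 }

-- NOTE(review): two of the three index components are strings, of up to 45
-- and 512 characters. A string index uses one sub-identifier per character
-- and an OID is limited to 128 sub-identifiers (RFC 2578), so rows whose
-- names approach these sizes cannot be addressed. Confirm the lengths the
-- agent actually accepts.
bsDigitalCertEntry OBJECT-TYPE
    SYNTAX      BsDigitalCertEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "Entry containing information about digital certificates"
    INDEX       { bsDigitalCertAssociatedContextType,
                  bsDigitalCertAssociatedContextName,
                  bsDigitalCertFileName }
    ::= { bsDigitalCertTable 1 }

BsDigitalCertEntry ::= SEQUENCE {
    bsDigitalCertAssociatedContextType          INTEGER,
    bsDigitalCertAssociatedContextName          DisplayString,
    bsDigitalCertFileName                       RcLongDisplayString,
    bsDigitalCertType                           INTEGER,
    bsDigitalCertChainPosition                  Integer32,
    bsDigitalCertSha1Hash                       DisplayString,
    bsDigitalCertMd5Hash                        DisplayString,
    bsDigitalCertVersionNumber                  DisplayString,
    bsDigitalCertSerialNumber                   DisplayString,
    bsDigitalCertIssuerName                     RcLongDisplayString,
    bsDigitalCertValidStartPeriod               DateAndTime,
    bsDigitalCertValidEndPeriod                 DateAndTime,
    bsDigitalCertCertificateSignatureAlgorithm  INTEGER,
    bsDigitalCertCertificateSignature           RcLongDisplayString,
    bsDigitalCertSubject                        RcLongDisplayString,
    bsDigitalCertSubjectPublicKeyAlgorithm      INTEGER,
    bsDigitalCertSubjectPublicKey               OCTET STRING,
    bsDigitalCertHasBasicConstraint             TruthValue,
    bsDigitalCertHasKeyUsage                    TruthValue,
    bsDigitalCertIsCa                           TruthValue,
    bsDigitalCertKeyUsage                       BITS,
    bsDigitalCertStatus                         DisplayString,
    bsDigitalCertCdpUrl                         RcLongDisplayString,
    bsDigitalCertOcspUrl                        RcLongDisplayString,
    bsDigitalCertExtendedKeyUsage               DisplayString
}

bsDigitalCertAssociatedContextType OBJECT-TYPE
    SYNTAX      INTEGER {
                    ca(1),
                    truststore(2)
                }
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "Specifies the type of the associated context"
    ::= { bsDigitalCertEntry 1 }

bsDigitalCertAssociatedContextName OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(1..45))
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "Specifies the name of the associated context"
    ::= { bsDigitalCertEntry 2 }

-- NOTE(review): the object is named FileName but its description speaks of
-- the subject common name; confirm which value the agent uses as index.
bsDigitalCertFileName OBJECT-TYPE
    SYNTAX      RcLongDisplayString (SIZE(0..512))
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "Specifies the common name value of the certificate subject"
    ::= { bsDigitalCertEntry 3 }

bsDigitalCertType OBJECT-TYPE
    SYNTAX      INTEGER {
                    caCert(1),
                    intermediateCaCert (2),
                    subjectCert(3),
                    raCert(4),
                    crl(5)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Identifies certificate role in a chain of trust
         'caCert'             - Root Certificate Authority's Certificate
         'intermediateCaCert' - Intermediate Certificate Authority's
                                Certificate
         'subjectCert'        - Subject Certificate
         'raCert'             - Registration Authority Certificate
         'crl'                - Certificate Revocation List"
    ::= { bsDigitalCertEntry 4 }

bsDigitalCertChainPosition OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Certificate position in the chain or 0 if certificate is not
         part of the chain"
    ::= { bsDigitalCertEntry 5 }

-- SHA-1 and MD5 fingerprints identify a certificate for display and
-- inventory. Neither hash is collision resistant, so a match on these
-- values alone should not decide whether a certificate is trusted.
bsDigitalCertSha1Hash OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..254))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "SHA1 certificate fingerprint"
    ::= { bsDigitalCertEntry 6 }

-- MD5 fingerprint; see the note on bsDigitalCertSha1Hash. No SHA-256
-- fingerprint column is defined in this module.
bsDigitalCertMd5Hash OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..64))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "MD5 certificate fingerprint"
    ::= { bsDigitalCertEntry 7 }

bsDigitalCertVersionNumber OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..16))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Specifies the version number of the certificate for the subject
         as issued by the Certificate Authority"
    ::= { bsDigitalCertEntry 8 }

bsDigitalCertSerialNumber OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..50))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Specifies the serial number of the certificate for the subject
         as issued by the Certificate Authority "
    ::= { bsDigitalCertEntry 9 }

bsDigitalCertIssuerName OBJECT-TYPE
    SYNTAX      RcLongDisplayString (SIZE(0..1000))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Specifies the issuer's name of the certificate for the subject
         as issued by the Certificate Authority"
    ::= { bsDigitalCertEntry 10 }

bsDigitalCertValidStartPeriod OBJECT-TYPE
    SYNTAX      DateAndTime
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Specifies the start date of the validation period of the
         certificate for the subject as issued by the Certificate
         Authority "
    ::= { bsDigitalCertEntry 11 }

-- Poll this column for expiry alerting; the module offers no trap for it.
bsDigitalCertValidEndPeriod OBJECT-TYPE
    SYNTAX      DateAndTime
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Specifies the last date of the validation period of the
         certificate for the subject as issued by the Certificate
         Authority"
    ::= { bsDigitalCertEntry 12 }

-- Values 2 to 5 report MD2, MD4, MD5 or SHA-1 based signatures. Monitoring
-- can flag rows with those values as certificates signed with a weak hash.
-- Values 6 to 10 are not assigned in this enumeration.
bsDigitalCertCertificateSignatureAlgorithm OBJECT-TYPE
    SYNTAX      INTEGER {
                    rsaEncryption(1),
                    md2withRSAEncryption(2),
                    md4withRSAEncryption(3),
                    md5withRSAEncryption(4),
                    sha1withRSAEncryption(5),
                    sha256withRSAEncryption(11),
                    sha384withRSAEncryption(12),
                    sha512withRSAEncryption(13),
                    sha224withRSAEncryption(14)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Specifies the algorithm used for the issuer's signature on the
         certificate for the subject as issued by the Certificate
         Authority"
    ::= { bsDigitalCertEntry 13 }

bsDigitalCertCertificateSignature OBJECT-TYPE
    SYNTAX      RcLongDisplayString (SIZE(0..4096))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Specifies the issuer's signature on the certificate for the
         subject as issued by the Certificate Authority"
    ::= { bsDigitalCertEntry 14 }

bsDigitalCertSubject OBJECT-TYPE
    SYNTAX      RcLongDisplayString (SIZE(0..1000))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Specifies the details of the subject on its certificate as
         issued by Certificate Authority "
    ::= { bsDigitalCertEntry 15 }

-- NOTE(review): this enumeration is identical to the signature algorithm
-- one, although the hash-with-RSA labels name signature schemes rather
-- than public key algorithms. Confirm which values the agent reports here.
bsDigitalCertSubjectPublicKeyAlgorithm OBJECT-TYPE
    SYNTAX      INTEGER {
                    rsaEncryption(1),
                    md2withRSAEncryption(2),
                    md4withRSAEncryption(3),
                    md5withRSAEncryption(4),
                    sha1withRSAEncryption(5),
                    sha256withRSAEncryption(11),
                    sha384withRSAEncryption(12),
                    sha512withRSAEncryption(13),
                    sha224withRSAEncryption(14)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Specifies the algorithm used to generate the subject's public
         key for the certificate issued by the Certificate Authority"
    ::= { bsDigitalCertEntry 16 }

bsDigitalCertSubjectPublicKey OBJECT-TYPE
    SYNTAX      OCTET STRING (SIZE(0..2048))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Specifies the public key of the subject"
    ::= { bsDigitalCertEntry 17 }

bsDigitalCertHasBasicConstraint OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Specifies whether certificate contains basic certificate
         constraint"
    ::= { bsDigitalCertEntry 18 }

bsDigitalCertHasKeyUsage OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Specifies whether certificate contains basic key usage
         constraint"
    ::= { bsDigitalCertEntry 19 }

-- Useful for inventory checks: a row whose bsDigitalCertType is
-- subjectCert(3) but which reports true here deserves a closer look.
bsDigitalCertIsCa OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Specifies whether this is Certificate Authority's certificate or
         not"
    ::= { bsDigitalCertEntry 20 }

bsDigitalCertKeyUsage OBJECT-TYPE
    SYNTAX      BITS {
                    digitalSignature(0),
                    nonRepudiation(1),
                    keyEncipherment(2),
                    dataEncipherment(3),
                    keyAgreement(4),
                    keyCertSign(5),
                    cRLSign(6),
                    encipherOnly(7),
                    decipherOnly(8)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "specifies the purpose of the key used in the certificate.
         It is represented in form of bits as follows-
         bit 0 - digitalSignature
         bit 1 - nonRepudiation
         bit 2 - keyEncipherment
         bit 3 - dataEncipherment
         bit 4 - keyAgreement
         bit 5 - keyCertSign
         bit 6 - cRLSign
         bit 7 - encipherOnly
         bit 8 - decipherOnly"
    ::= { bsDigitalCertEntry 21 }

-- NOTE(review): free-form text; the set of possible status strings is not
-- defined here, so alerting rules need the values from the agent itself.
bsDigitalCertStatus OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..129))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Specifies the status of the certificate"
    ::= { bsDigitalCertEntry 22 }

bsDigitalCertCdpUrl OBJECT-TYPE
    SYNTAX      RcLongDisplayString (SIZE(0..1000))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Specifies the CDP URL present in the Extensions field of the
         Digital Certificate."
    ::= { bsDigitalCertEntry 23 }

bsDigitalCertOcspUrl OBJECT-TYPE
    SYNTAX      RcLongDisplayString (SIZE(0..1000))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Specifies the OCSP URL present in the AIA field of the Digital
         Certificate."
    ::= { bsDigitalCertEntry 24 }

bsDigitalCertExtendedKeyUsage OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..128))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Specifies the purpose for which the key may be used, in addition
         to or in place of the basic purposes indicated in the key-usage
         field of the certificate."
    ::= { bsDigitalCertEntry 25 }

END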