233 lines
8.0 KiB
Plaintext
233 lines
8.0 KiB
Plaintext
ENTERASYS-PKI-MIB DEFINITIONS ::= BEGIN
|
|
|
|
-- This module provides authoritative definitions for Enterasys
|
|
-- Networks' Resource usage monitoring.
|
|
|
|
--
|
|
-- This module will be extended, as needed.
|
|
|
|
-- Enterasys Networks reserves the right to make changes in this
|
|
-- specification and other information contained in this document
|
|
-- without prior notice. The reader should consult Enterasys Networks
|
|
-- to determine whether any such changes have been made.
|
|
--
|
|
-- In no event shall Enterasys Networks be liable for any incidental,
|
|
-- indirect, special, or consequential damages whatsoever (including
|
|
-- but not limited to lost profits) arising out of or related to this
|
|
-- document or the information contained in it, even if Enterasys
|
|
-- Networks has been advised of, known, or should have known, the
|
|
-- possibility of such damages.
|
|
--
|
|
-- Enterasys Networks grants vendors, end-users, and other interested
|
|
-- parties a non-exclusive license to use this Specification in
|
|
-- connection with the management of Enterasys Networks products.
|
|
|
|
-- Copyright March, 2013 Enterasys Networks, Inc.
|
|
|
|
|
|
IMPORTS
|
|
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE
|
|
FROM SNMPv2-SMI
|
|
DateAndTime
|
|
FROM SNMPv2-TC
|
|
MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
|
|
FROM SNMPv2-CONF
|
|
etsysModules
|
|
FROM ENTERASYS-MIB-NAMES
|
|
SnmpAdminString
|
|
FROM SNMP-FRAMEWORK-MIB;
|
|
|
|
|
|
|
|
etsysPkiMIB MODULE-IDENTITY
|
|
LAST-UPDATED "201303271108Z" -- Wed Mar 27 11:08 UTC 2013
|
|
ORGANIZATION "Enterasys Networks, Inc"
|
|
CONTACT-INFO
|
|
"Postal: Enterasys Networks
|
|
9 Northeastern Blvd.
|
|
Salem, NH, 03079
|
|
USA
|
|
Phone: +1 603 952 5000
|
|
E-mail: support@enterasys.com
|
|
WWW: http://www.enterasys.com"
|
|
|
|
DESCRIPTION
|
|
"This MIB module defines a portion of the SNMP enterprise
|
|
MIBs under Enterasys Networks' enterprise OID pertaining to
|
|
PKI notifications.
|
|
|
|
This MIB was designed to be used for monitoring PKI events
|
|
on the network management system by various remote monitoring
|
|
mechanisms."
|
|
|
|
REVISION "201303271108Z" -- Wed Mar 27 11:08 UTC 2013
|
|
DESCRIPTION "The initial version of this MIB module."
|
|
::= { etsysModules 101 }
|
|
|
|
-- -------------------------------------------------------------
|
|
-- Textual Conventions
|
|
-- -------------------------------------------------------------
|
|
|
|
|
|
-- -------------------------------------------------------------
|
|
-- branches in the ENTERASYS-PKI-NOTIFICATION MIB
|
|
-- -------------------------------------------------------------
|
|
|
|
etsysPkiObjects
|
|
OBJECT IDENTIFIER ::= { etsysPkiMIB 1 }
|
|
|
|
etsysPkiNotificationBranch
|
|
OBJECT IDENTIFIER ::= { etsysPkiObjects 0 }
|
|
|
|
etsysPkiCertificateBranch
|
|
OBJECT IDENTIFIER ::= { etsysPkiObjects 1 }
|
|
|
|
-- -------------------------------------------------------------
|
|
-- Objects in the etsysPkiCertificateBranch group
|
|
-- -------------------------------------------------------------
|
|
|
|
etsysPkiCertListName OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE(0..32))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The certificate list name to which the certificate belongs.
|
|
If the list name is not known, then an empty string will be
|
|
returned."
|
|
::= { etsysPkiCertificateBranch 1 }
|
|
|
|
etsysPkiCertFingerprint OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(20))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The SHA1 Hash of the certificate."
|
|
::= { etsysPkiCertificateBranch 2 }
|
|
|
|
etsysPkiCertIssuerName OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE(0..63))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Issuer field of the certificate, which contains a
|
|
distinguished name (DN). If the length of the actual
|
|
DN exceeds the maximum length of this object, then this
|
|
object will contain a truncated version of the DN."
|
|
::= { etsysPkiCertificateBranch 3 }
|
|
|
|
etsysPkiCertSubjectName OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE(0..63))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Subject field of the certificate, which contains a
|
|
distinguished name (DN). If the length of the actual
|
|
DN exceeds the maximum length of this object, then this
|
|
object will contain a truncated version of the DN."
|
|
::= { etsysPkiCertificateBranch 4 }
|
|
|
|
etsysPkiCertStartDate OBJECT-TYPE
|
|
SYNTAX DateAndTime
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time when the certificate validity period begins, as defined
|
|
by the notBefore value in certificate's validity field."
|
|
::= { etsysPkiCertificateBranch 5 }
|
|
|
|
etsysPkiCertEndDate OBJECT-TYPE
|
|
SYNTAX DateAndTime
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time when the certificate validity period ends, as defined
|
|
by the notAfter value in certificate's validity field."
|
|
::= { etsysPkiCertificateBranch 6 }
|
|
|
|
-- -------------------------------------------------------------
|
|
-- Objects in the etsysPkiNotificationBranch group
|
|
-- -------------------------------------------------------------
|
|
|
|
etsysPkiCertNearingExpirationNotification NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
etsysPkiCertListName,
|
|
etsysPkiCertFingerprint,
|
|
etsysPkiCertIssuerName,
|
|
etsysPkiCertSubjectName,
|
|
etsysPkiCertStartDate,
|
|
etsysPkiCertEndDate
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Certificate nearing expiration.
|
|
|
|
The managed entity will send this notification when an
|
|
installed PKI Certificate is nearing expiration. The
|
|
entity will resend this notification periodically until
|
|
the certificate is removed from configuration.
|
|
|
|
Note that an expired certificate will be automatically
|
|
rejected by the PKI authentication process. If an
|
|
expired certificate is not replaced by a newer
|
|
certificate, then any authentication attempt which
|
|
uses the expired certificate will fail."
|
|
|
|
::= { etsysPkiNotificationBranch 1 }
|
|
|
|
-- ------------------------------------------------------------- --
|
|
-- Conformance Information
|
|
-- ------------------------------------------------------------- --
|
|
|
|
etsysPkiConformance
|
|
OBJECT IDENTIFIER ::= { etsysPkiMIB 2 }
|
|
|
|
etsysPkiGroups
|
|
OBJECT IDENTIFIER ::= { etsysPkiConformance 1 }
|
|
|
|
etsysPkiCompliances
|
|
OBJECT IDENTIFIER ::= { etsysPkiConformance 2 }
|
|
|
|
-- ------------------------------------------------------------- --
|
|
-- Units of conformance
|
|
-- ------------------------------------------------------------- --
|
|
etsysPkiCertificateGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
etsysPkiCertListName,
|
|
etsysPkiCertFingerprint,
|
|
etsysPkiCertIssuerName,
|
|
etsysPkiCertSubjectName,
|
|
etsysPkiCertStartDate,
|
|
etsysPkiCertEndDate
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects providing basic instrumentation of
|
|
PKI Certificate event notifications."
|
|
::= { etsysPkiGroups 1 }
|
|
|
|
etsysPkiNotificationGroup NOTIFICATION-GROUP
|
|
NOTIFICATIONS {
|
|
etsysPkiCertNearingExpirationNotification
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The PKI notifications."
|
|
::= { etsysPkiGroups 2 }
|
|
|
|
-- ------------------------------------------------------------- --
|
|
-- Compliance statements
|
|
-- ------------------------------------------------------------- --
|
|
|
|
etsysPkiCompliance MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for devices that support Enterasys PKI."
|
|
MODULE
|
|
MANDATORY-GROUPS {
|
|
etsysPkiCertificateGroup,
|
|
etsysPkiNotificationGroup
|
|
}
|
|
::= { etsysPkiCompliances 1 }
|
|
|
|
END
|