762 lines
24 KiB
Plaintext
762 lines
24 KiB
Plaintext
-- ====================================================================
|
|
-- Copyright (c) 2004-2022 New H3C Tech. Co., Ltd. All rights reserved.
|
|
--
|
|
-- Description: The MIB is designed to get PKI trap information.
|
|
-- Reference:
|
|
-- Version: 1.2
|
|
-- History:
|
|
-- V1.0: The initial version created by Zhaoming.
|
|
-- V1.1: Modified by Zhaoming Dec.30 2021
|
|
-- 1) 'hh3cPKICertUpdateTime' was added to the 'hh3cPKIGetLocalCertSucScep'
|
|
-- and 'hh3cPKIGetLocalCertFailScep' traps.
|
|
-- V1.2: Modified by skf9095 Sep.22 2022
|
|
-- 1) Added the 'hh3cPKICrlHasExpiredTrapCntl'
|
|
-- and 'hh3cPKICrlHasExpired' traps.
|
|
-- 2) Added the 'hh3cPKIWriteToFlashFailTrapCntl'
|
|
-- and 'hh3cPKIWriteToFlashFail' traps.
|
|
-- =====================================================================
|
|
HH3C-PKI-MONITOR-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
DisplayString, TruthValue, DateAndTime
|
|
FROM SNMPv2-TC
|
|
OBJECT-TYPE, MODULE-IDENTITY, NOTIFICATION-TYPE
|
|
FROM SNMPv2-SMI
|
|
MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
|
|
FROM SNMPv2-CONF
|
|
hh3cCommon
|
|
FROM HH3C-OID-MIB;
|
|
|
|
hh3cPKIMonitor MODULE-IDENTITY
|
|
LAST-UPDATED "202209221725Z" -- September 22, 2022 at 12:47 GMT
|
|
ORGANIZATION
|
|
"New H3C Tech. Co., Ltd."
|
|
CONTACT-INFO
|
|
"Platform Team New H3C Tech. Co., Ltd.
|
|
Hai-Dian District Beijing P.R. China
|
|
http://www.h3c.com
|
|
Zip:100085"
|
|
DESCRIPTION
|
|
"The MIB is designed to obtain the alarm information of the PKI module."
|
|
REVISION "202209221725Z"
|
|
DESCRIPTION
|
|
"Add hh3cPKICrlHasExpiredTrapCntl to hh3cPKITrapCntlGroup.
|
|
Add hh3cPKIWriteToFlashFailTrapCntl to hh3cPKITrapCntlGroup.
|
|
Add hh3cPKICrlHasExpired to hh3cPKITrapGroup.
|
|
Add hh3cPKIWriteToFlashFail to hh3cPKITrapGroup."
|
|
REVISION "202112301247Z"
|
|
DESCRIPTION
|
|
"This revision is about the trap hh3cPKIGetLocalCertSucScep and
|
|
hh3cPKIGetLocalCertFailScep ."
|
|
REVISION
|
|
"202109141347Z"
|
|
DESCRIPTION
|
|
"Initial version."
|
|
::= { hh3cCommon 209 }
|
|
|
|
|
|
-- ========================================================================
|
|
-- Node definitions
|
|
-- ========================================================================
|
|
-- Begin the node of hh3cPKIObjects.
|
|
|
|
hh3cPKIObjects OBJECT IDENTIFIER ::= { hh3cPKIMonitor 1 }
|
|
-- =======================================
|
|
-- Begin the hh3cPKITrapObject.
|
|
-- =======================================
|
|
|
|
hh3cPKITrapObject OBJECT IDENTIFIER ::= { hh3cPKIObjects 1 }
|
|
|
|
hh3cPKICACertIssuer OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..255))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The issuer of CA certificate with a trap."
|
|
::= { hh3cPKITrapObject 1 }
|
|
|
|
hh3cPKICACertSubject OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..255))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The subject of CA certificate with a trap."
|
|
::= { hh3cPKITrapObject 2 }
|
|
|
|
hh3cPKICACertStartTime OBJECT-TYPE
|
|
SYNTAX DateAndTime(SIZE(8 | 11))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time when the CA certificate becomes effective with a trap."
|
|
::= { hh3cPKITrapObject 3 }
|
|
|
|
hh3cPKICACertFinishTime OBJECT-TYPE
|
|
SYNTAX DateAndTime(SIZE(8 | 11))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time when the CA certificate expires with a trap."
|
|
::= { hh3cPKITrapObject 4 }
|
|
|
|
hh3cPKICrlIssuer OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..255))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The issuer of CRL with a trap."
|
|
::= { hh3cPKITrapObject 5 }
|
|
|
|
hh3cPKICrlStartTime OBJECT-TYPE
|
|
SYNTAX DateAndTime(SIZE(8 | 11))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time when the CRL becomes effective with a trap."
|
|
::= { hh3cPKITrapObject 6 }
|
|
|
|
hh3cPKICrlFinishTime OBJECT-TYPE
|
|
SYNTAX DateAndTime(SIZE(8 | 11))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time when CRL expires with a trap."
|
|
::= { hh3cPKITrapObject 7 }
|
|
|
|
hh3cPKIDomainName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..31))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The PKI domain name with a trap."
|
|
::= { hh3cPKITrapObject 8 }
|
|
|
|
hh3cPKICrlUrl OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..1023))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The URL path of CRL with a trap."
|
|
::= { hh3cPKITrapObject 9 }
|
|
|
|
hh3cPKIVrfName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..31))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The VPN instance name with a trap."
|
|
::= { hh3cPKITrapObject 10 }
|
|
|
|
hh3cPKICertUrl OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..1023))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The URL path of the certificate with a trap."
|
|
::= { hh3cPKITrapObject 11 }
|
|
|
|
hh3cPKILocalCertIssuer OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..255))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The issuer of local certificate with a trap."
|
|
::= { hh3cPKITrapObject 12 }
|
|
|
|
hh3cPKILocalCertSubject OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..255))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The subject of local certificate with a trap."
|
|
::= { hh3cPKITrapObject 13 }
|
|
|
|
hh3cPKILocalCertStartTime OBJECT-TYPE
|
|
SYNTAX DateAndTime(SIZE(8 | 11))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time when the local certificate becomes effective with a trap."
|
|
::= { hh3cPKITrapObject 14 }
|
|
|
|
hh3cPKILocalCertFinishTime OBJECT-TYPE
|
|
SYNTAX DateAndTime(SIZE(8 | 11))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time when the local certificate expires with a trap."
|
|
::= { hh3cPKITrapObject 15 }
|
|
|
|
hh3cPKIEntityName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..31))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The entity name with a trap."
|
|
::= { hh3cPKITrapObject 16 }
|
|
|
|
hh3cPKICertSave OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..255))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The certificate save file name with a trap."
|
|
::= { hh3cPKITrapObject 17 }
|
|
|
|
hh3cPKICertUpdateTime OBJECT-TYPE
|
|
SYNTAX DateAndTime(SIZE(8 | 11))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Time when the certificate was updated with a trap."
|
|
::= { hh3cPKITrapObject 18 }
|
|
|
|
-- =======================================
|
|
-- Begin the hh3cPKITrapCntl.
|
|
-- =======================================
|
|
|
|
hh3cPKITrapCntl OBJECT IDENTIFIER ::= { hh3cPKIObjects 2 }
|
|
|
|
hh3cPKITrapGlobalCntl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether all PKI traps should be generated."
|
|
::= { hh3cPKITrapCntl 1 }
|
|
|
|
hh3cPKICACertInvalidTrapCntl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cPKICACertInvalid traps should be generated."
|
|
::= { hh3cPKITrapCntl 2 }
|
|
|
|
hh3cPKICACertValidTrapCntl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cPKICACertValid traps should be generated."
|
|
::= { hh3cPKITrapCntl 3 }
|
|
|
|
hh3cPKICrlInvalidTrapCntl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cPKICrlInvalid traps should be generated."
|
|
::= { hh3cPKITrapCntl 4 }
|
|
|
|
hh3cPKICrlValidTrapCntl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cPKICrlValid traps should be generated."
|
|
::= { hh3cPKITrapCntl 5 }
|
|
|
|
hh3cPKIGetCrlSucHttpTrapCntl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cPKIGetCrlSucHttp traps should be generated."
|
|
::= { hh3cPKITrapCntl 6 }
|
|
|
|
hh3cPKIGetCrlFailHttpTrapCntl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cPKIGetCrlFailHttp traps should be generated."
|
|
::= { hh3cPKITrapCntl 7 }
|
|
|
|
hh3cPKIGetCrlSucLdapCntl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cPKIGetCrlSucLdap traps should be generated."
|
|
::= { hh3cPKITrapCntl 8 }
|
|
|
|
hh3cPKIGetCrlFailLdapTrapCntl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cPKIGetCrlFailLdap traps should be generated."
|
|
::= { hh3cPKITrapCntl 9 }
|
|
|
|
hh3cPKIGetCrlSucScepTrapCntl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cPKIGetCrlSucScep traps should be generated."
|
|
::= { hh3cPKITrapCntl 10 }
|
|
|
|
hh3cPKIGetCrlFailScepTrapCntl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cPKIGetCrlFailScep traps should be generated."
|
|
::= { hh3cPKITrapCntl 11 }
|
|
|
|
hh3cPKILocCertInvalidTrapCntl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cPKILocalCertInvalid traps should be generated."
|
|
::= { hh3cPKITrapCntl 12 }
|
|
|
|
hh3cPKILocCertValidTrapCntl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cPKILocalCertValid traps should be generated."
|
|
::= { hh3cPKITrapCntl 13 }
|
|
|
|
hh3cPKIGetLocCertSucLdapTrapCntl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cPKIGetLocalCertSucLdap traps should be generated."
|
|
::= { hh3cPKITrapCntl 14 }
|
|
|
|
hh3cPKIGetLocCertFailLdapTrapCntl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cPKIGetLocalCertFailLdap traps should be generated."
|
|
::= { hh3cPKITrapCntl 15 }
|
|
|
|
hh3cPKIGetLocCeSucScepTrapCntl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cPKIGetLocalCertSucScep traps should be generated."
|
|
::= { hh3cPKITrapCntl 16 }
|
|
|
|
hh3cPKIGetLocCeFailScepTrapCntl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cPKIGetLocalCertFailScep traps should be generated."
|
|
::= { hh3cPKITrapCntl 17 }
|
|
|
|
hh3cPKILocCertNearExpirTrapCntl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cPKILocalCertNearlyExpired traps should be generated."
|
|
::= { hh3cPKITrapCntl 18 }
|
|
|
|
hh3cPKILocCertHasExpirTrapCntl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cPKILocalCertHasExpired traps should be generated."
|
|
::= { hh3cPKITrapCntl 19 }
|
|
|
|
hh3cPKICrlHasExpiredTrapCntl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cPKICrlHasExpired traps should be generated."
|
|
::= { hh3cPKITrapCntl 20 }
|
|
|
|
hh3cPKIWriteToFlashFailTrapCntl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether hh3cPKIWriteToFlashFail traps should be generated."
|
|
::= { hh3cPKITrapCntl 21 }
|
|
|
|
-- ================================================
|
|
-- definition of traps.
|
|
-- ================================================
|
|
|
|
hh3cPKITrap OBJECT IDENTIFIER ::= { hh3cPKIObjects 3 }
|
|
hh3cPKINotifications OBJECT IDENTIFIER ::= { hh3cPKITrap 0 }
|
|
|
|
hh3cPKICACertInvalid NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cPKICACertIssuer,
|
|
hh3cPKICACertSubject,
|
|
hh3cPKICACertStartTime,
|
|
hh3cPKICACertFinishTime
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the CA
|
|
certificate is invalid."
|
|
::= { hh3cPKINotifications 1 }
|
|
|
|
hh3cPKICACertValid NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cPKICACertIssuer,
|
|
hh3cPKICACertSubject,
|
|
hh3cPKICACertStartTime,
|
|
hh3cPKICACertFinishTime
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the CA
|
|
certificate is valid."
|
|
::= { hh3cPKINotifications 2 }
|
|
|
|
hh3cPKICrlInvalid NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cPKICrlIssuer,
|
|
hh3cPKICrlStartTime,
|
|
hh3cPKICrlFinishTime
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the CRL
|
|
is invalid."
|
|
::= { hh3cPKINotifications 3 }
|
|
|
|
hh3cPKICrlValid NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cPKICrlIssuer,
|
|
hh3cPKICrlStartTime,
|
|
hh3cPKICrlFinishTime
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the CRL
|
|
is valid."
|
|
::= { hh3cPKINotifications 4 }
|
|
|
|
hh3cPKIGetCrlSucHttp NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cPKIDomainName,
|
|
hh3cPKICrlUrl,
|
|
hh3cPKIVrfName
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the CRL is
|
|
successfully obtained through the HTTP protocol."
|
|
::= { hh3cPKINotifications 5 }
|
|
|
|
hh3cPKIGetCrlFailHttp NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cPKIDomainName,
|
|
hh3cPKICrlUrl,
|
|
hh3cPKIVrfName
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the CRL fails to
|
|
be obtained through the HTTP protocol."
|
|
::= { hh3cPKINotifications 6 }
|
|
|
|
hh3cPKIGetCrlSucLdap NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cPKIDomainName,
|
|
hh3cPKICrlUrl,
|
|
hh3cPKIVrfName
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the CRL is
|
|
successfully obtained through the LDAP protocol."
|
|
::= { hh3cPKINotifications 7 }
|
|
|
|
hh3cPKIGetCrlFailLdap NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cPKIDomainName,
|
|
hh3cPKICrlUrl,
|
|
hh3cPKIVrfName
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the CRL fails to
|
|
be obtained through the LDAP protocol."
|
|
::= { hh3cPKINotifications 8 }
|
|
|
|
hh3cPKIGetCrlSucScep NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cPKIDomainName,
|
|
hh3cPKIVrfName,
|
|
hh3cPKICertUrl
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the CRL
|
|
is successfully obtained through the SCEP protocol."
|
|
::= { hh3cPKINotifications 9 }
|
|
|
|
hh3cPKIGetCrlFailScep NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cPKIDomainName,
|
|
hh3cPKIVrfName,
|
|
hh3cPKICertUrl
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the CRL
|
|
fails to be obtained through the SCEP protocol."
|
|
::= { hh3cPKINotifications 10 }
|
|
|
|
hh3cPKILocalCertInvalid NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cPKIDomainName,
|
|
hh3cPKILocalCertIssuer,
|
|
hh3cPKILocalCertSubject,
|
|
hh3cPKILocalCertStartTime,
|
|
hh3cPKILocalCertFinishTime
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the local
|
|
certificate is invalid."
|
|
::= { hh3cPKINotifications 11 }
|
|
|
|
hh3cPKILocalCertValid NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cPKIDomainName,
|
|
hh3cPKILocalCertIssuer,
|
|
hh3cPKILocalCertSubject,
|
|
hh3cPKILocalCertStartTime,
|
|
hh3cPKILocalCertFinishTime
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the local
|
|
certificate is valid."
|
|
::= { hh3cPKINotifications 12 }
|
|
|
|
hh3cPKIGetLocalCertSucLdap NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cPKIDomainName,
|
|
hh3cPKIVrfName,
|
|
hh3cPKICertUrl,
|
|
hh3cPKIEntityName,
|
|
hh3cPKICertSave
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the local certificate
|
|
is successfully obtained through the LDAP protocol."
|
|
::= { hh3cPKINotifications 13 }
|
|
|
|
hh3cPKIGetLocalCertFailLdap NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cPKIDomainName,
|
|
hh3cPKIVrfName,
|
|
hh3cPKICertUrl,
|
|
hh3cPKIEntityName,
|
|
hh3cPKICertSave
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the local certificate
|
|
fails to be obtained through the LDAP protocol."
|
|
::= { hh3cPKINotifications 14 }
|
|
|
|
hh3cPKIGetLocalCertSucScep NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cPKIDomainName,
|
|
hh3cPKIVrfName,
|
|
hh3cPKICertUrl,
|
|
hh3cPKICertSave,
|
|
hh3cPKICertUpdateTime
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the local certificate
|
|
is successfully obtained through the SCEP protocol. When the local
|
|
certificate is not obtained through renewal, hh3cPKICertUpdateTime is
|
|
set to all zeros."
|
|
::= { hh3cPKINotifications 15 }
|
|
|
|
hh3cPKIGetLocalCertFailScep NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cPKIDomainName,
|
|
hh3cPKIVrfName,
|
|
hh3cPKICertUrl,
|
|
hh3cPKICertSave,
|
|
hh3cPKICertUpdateTime
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the local certificate
|
|
fails to be obtained through the SCEP protocol. When the local
|
|
certificate is not obtained through renewal, hh3cPKICertUpdateTime is
|
|
set to all zeros."
|
|
::= { hh3cPKINotifications 16 }
|
|
|
|
hh3cPKILocalCertNearlyExpired NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cPKIDomainName,
|
|
hh3cPKILocalCertIssuer,
|
|
hh3cPKILocalCertSubject,
|
|
hh3cPKILocalCertStartTime,
|
|
hh3cPKILocalCertFinishTime
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the local
|
|
certificate is about to expire."
|
|
::= { hh3cPKINotifications 17 }
|
|
|
|
hh3cPKILocalCertHasExpired NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cPKIDomainName,
|
|
hh3cPKILocalCertIssuer,
|
|
hh3cPKILocalCertSubject,
|
|
hh3cPKILocalCertStartTime,
|
|
hh3cPKILocalCertFinishTime
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the
|
|
local certificate has expired."
|
|
::= { hh3cPKINotifications 18 }
|
|
|
|
hh3cPKICrlHasExpired NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hh3cPKICrlIssuer,
|
|
hh3cPKICrlStartTime,
|
|
hh3cPKICrlFinishTime
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when the
|
|
CRL expires."
|
|
::= { hh3cPKINotifications 19 }
|
|
|
|
hh3cPKIWriteToFlashFail NOTIFICATION-TYPE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated in case of failure to write CRL or certificate to flash."
|
|
::= { hh3cPKINotifications 20 }
|
|
|
|
-- =======================================
|
|
-- Conformance Information
|
|
-- =======================================
|
|
hh3cPKIConformance OBJECT IDENTIFIER
|
|
::= { hh3cPKIMonitor 2 }
|
|
hh3cPKICompliances OBJECT IDENTIFIER
|
|
::= { hh3cPKIConformance 1 }
|
|
hh3cPKIGroups OBJECT IDENTIFIER
|
|
::= { hh3cPKIConformance 2 }
|
|
|
|
-- =======================================
|
|
-- Compliance Statements
|
|
-- =======================================
|
|
hh3cPKICompliance MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
" "
|
|
MODULE -- this module
|
|
MANDATORY-GROUPS
|
|
{
|
|
hh3cPKITrapObjectGroup,
|
|
hh3cPKITrapCntlGroup,
|
|
hh3cPKITrapGroup
|
|
}
|
|
::= { hh3cPKICompliances 1 }
|
|
|
|
hh3cPKITrapObjectGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
hh3cPKICACertIssuer,
|
|
hh3cPKICACertSubject,
|
|
hh3cPKICACertStartTime,
|
|
hh3cPKICACertFinishTime,
|
|
hh3cPKICrlIssuer,
|
|
hh3cPKICrlStartTime,
|
|
hh3cPKICrlFinishTime,
|
|
hh3cPKIDomainName,
|
|
hh3cPKICrlUrl,
|
|
hh3cPKIVrfName,
|
|
hh3cPKICertUrl,
|
|
hh3cPKILocalCertIssuer,
|
|
hh3cPKILocalCertSubject,
|
|
hh3cPKILocalCertStartTime,
|
|
hh3cPKILocalCertFinishTime,
|
|
hh3cPKIEntityName,
|
|
hh3cPKICertSave,
|
|
hh3cPKICertUpdateTime
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group contains all of trap objects of PKI module."
|
|
::= { hh3cPKIGroups 1 }
|
|
|
|
hh3cPKITrapCntlGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
hh3cPKITrapGlobalCntl,
|
|
hh3cPKICACertInvalidTrapCntl,
|
|
hh3cPKICACertValidTrapCntl,
|
|
hh3cPKICrlInvalidTrapCntl,
|
|
hh3cPKICrlValidTrapCntl,
|
|
hh3cPKIGetCrlSucHttpTrapCntl,
|
|
hh3cPKIGetCrlFailHttpTrapCntl,
|
|
hh3cPKIGetCrlSucLdapCntl,
|
|
hh3cPKIGetCrlFailLdapTrapCntl,
|
|
hh3cPKIGetCrlSucScepTrapCntl,
|
|
hh3cPKIGetCrlFailScepTrapCntl,
|
|
hh3cPKILocCertInvalidTrapCntl,
|
|
hh3cPKILocCertValidTrapCntl,
|
|
hh3cPKIGetLocCertSucLdapTrapCntl,
|
|
hh3cPKIGetLocCertFailLdapTrapCntl,
|
|
hh3cPKIGetLocCeSucScepTrapCntl,
|
|
hh3cPKIGetLocCeFailScepTrapCntl,
|
|
hh3cPKILocCertNearExpirTrapCntl,
|
|
hh3cPKILocCertHasExpirTrapCntl,
|
|
hh3cPKICrlHasExpiredTrapCntl,
|
|
hh3cPKIWriteToFlashFailTrapCntl
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group contains all of trap switches of PKI module."
|
|
::= { hh3cPKIGroups 2 }
|
|
|
|
hh3cPKITrapGroup NOTIFICATION-GROUP
|
|
NOTIFICATIONS {
|
|
hh3cPKICACertInvalid,
|
|
hh3cPKICACertValid,
|
|
hh3cPKICrlInvalid,
|
|
hh3cPKICrlValid,
|
|
hh3cPKIGetCrlSucHttp,
|
|
hh3cPKIGetCrlFailHttp,
|
|
hh3cPKIGetCrlSucLdap,
|
|
hh3cPKIGetCrlFailLdap,
|
|
hh3cPKIGetCrlSucScep,
|
|
hh3cPKIGetCrlFailScep,
|
|
hh3cPKILocalCertInvalid,
|
|
hh3cPKILocalCertValid,
|
|
hh3cPKIGetLocalCertSucLdap,
|
|
hh3cPKIGetLocalCertFailLdap,
|
|
hh3cPKIGetLocalCertSucScep,
|
|
hh3cPKIGetLocalCertFailScep,
|
|
hh3cPKILocalCertNearlyExpired,
|
|
hh3cPKILocalCertHasExpired,
|
|
hh3cPKICrlHasExpired,
|
|
hh3cPKIWriteToFlashFail
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group contains all of trap of PKI module."
|
|
::= { hh3cPKIGroups 3 }
|
|
|
|
END
|
|
|