BAY-STACK-DIGITAL-CERT DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
MODULE-IDENTITY, OBJECT-TYPE, Integer32, Unsigned32
|
|
FROM SNMPv2-SMI
|
|
DisplayString, TruthValue, RowStatus, DateAndTime
|
|
FROM SNMPv2-TC
|
|
RcLongDisplayString
|
|
FROM RAPID-CITY
|
|
bayStackMibs
|
|
FROM SYNOPTICS-ROOT-MIB;
|
|
|
|
bayStackDigitalCert MODULE-IDENTITY
|
|
LAST-UPDATED "201712080000Z"
|
|
ORGANIZATION "Avaya"
|
|
CONTACT-INFO "avaya.com"
|
|
DESCRIPTION "Enterprise MIB for the Digital Certificate mibs."
|
|
|
|
REVISION "201712080000Z" -- December 08, 2017
|
|
DESCRIPTION "Ver 3: * Add bits ssh-server(5), ssh-client(6) in
|
|
bsDigitalCertUseFor"
|
|
|
|
REVISION "201709210000Z" -- September 21, 2017
|
|
DESCRIPTION "Ver 2: * Add object bsDigitalCertSubjectFqdn under
|
|
bsDigitalCertSubjectScalars
|
|
* Add bsDigitalCertForceReplacement under
|
|
bsDigitalCertImportExport
|
|
* Remove objects bsDigitalCertFileActionStatus and
|
|
bsDigitalCertFileActionError from bsDigitalCertFileMgmt
|
|
* Add objects bsDigitalCertChainPosition,
|
|
bsDigitalCertSha1Hash and bsDigitalCertMd5Hash
|
|
under bsDigitalCertEntry
|
|
* Add object bsDigitalCertCaChainComplete
|
|
under bsDigitalCertCaEntry
|
|
* Add values raCert and crl in enum
|
|
bsDigitalCertType
|
|
* Reversed order of objects bsDigitalCertFileName,
|
|
bsDigitalCertAssociatedContextName and
|
|
bsDigitalCertAssociatedContextType under
|
|
bsDigitalCertEntry"
|
|
|
|
REVISION "201705040000Z" -- timestamp reads May 4, 2017; the original comment said "April 5, 2017"
|
|
DESCRIPTION "Ver 1: Initial version."
|
|
|
|
::= { bayStackMibs 48 }
|
|
|
|
bsDigitalCertNotifications OBJECT IDENTIFIER ::= { bayStackDigitalCert 0 }
|
|
bsDigitalCertObjects OBJECT IDENTIFIER ::= { bayStackDigitalCert 1 }
|
|
bsDigitalCertScalars OBJECT IDENTIFIER ::= { bsDigitalCertObjects 1 }
|
|
bsDigitalCertSubjectScalars OBJECT IDENTIFIER ::= { bsDigitalCertScalars 1 }
|
|
bsDigitalCertImportExport OBJECT IDENTIFIER ::= { bsDigitalCertScalars 2 }
|
|
bsDigitalCertFileMgmt OBJECT IDENTIFIER ::= { bsDigitalCertScalars 3 }
|
|
|
|
-- scalar objects
|
|
|
|
-- subject
|
|
|
|
bsDigitalCertSubjectCommonName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..64))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "The value of the Common Name field of the subject sending the
|
|
Certificate Signing Request to the Certificate Authority"
|
|
::= {bsDigitalCertSubjectScalars 1 }
|
|
|
|
bsDigitalCertSubjectEmailAddress OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..254))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "The Email Address of the subject sending the Certificate
|
|
Signing Request to the Certificate Authority"
|
|
::= { bsDigitalCertSubjectScalars 2 }
|
|
|
|
bsDigitalCertSubjectOrganizationalUnit OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..64))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "The Organizational Unit field of the subject sending the
|
|
Certificate Signing Request to the Certificate Authority"
|
|
::= { bsDigitalCertSubjectScalars 3 }
|
|
|
|
bsDigitalCertSubjectOrganization OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..64))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "The Organization of the subject sending the Certificate
|
|
Signing Request to the Certificate Authority"
|
|
::= { bsDigitalCertSubjectScalars 4 }
|
|
|
|
bsDigitalCertSubjectLocality OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..128))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "The name of the Locality of the subject sending the
|
|
Certificate Signing Request to the Certificate Authority"
|
|
::= { bsDigitalCertSubjectScalars 5 }
|
|
|
|
bsDigitalCertSubjectProvince OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..128))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "The Province name of the subject sending the Certificate
|
|
Signing Request to the Certificate Authority"
|
|
::= { bsDigitalCertSubjectScalars 6 }
|
|
|
|
bsDigitalCertSubjectCountry OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..2))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "The name of the country of the subject sending the
|
|
Certificate Signing Request to the Certificate Authority"
|
|
::= { bsDigitalCertSubjectScalars 7 }
|
|
|
|
bsDigitalCertSubjectIncludeIpAddress OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "Specifies whether all IP addresses will be included in
|
|
the Subject Alternative Name extension of the Certificate
|
|
Signing Request"
|
|
::= { bsDigitalCertSubjectScalars 8 }
|
|
|
|
bsDigitalCertSubjectFqdn OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..128))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "The fully qualified name of the subject"
|
|
::= { bsDigitalCertSubjectScalars 9 }
|
|
|
|
-- import and export
|
|
|
|
bsDigitalCertLocalResource OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
file(1),
|
|
csr(2),
|
|
pkcs12(3),
|
|
keypair(4),
|
|
pkcs7(5)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "The type of resource to be exported"
|
|
::= { bsDigitalCertImportExport 1 }
|
|
-- Passphrase used to encrypt and decrypt PKCS#12 containers handled by the
-- import/export group.
-- NOTE(review): this is a plain DisplayString declared read-write, so nothing
-- in this definition stops a GET from returning the passphrase. Whether the
-- agent masks or blanks the value on read is not stated here; confirm it.
-- Over SNMPv1/v2c the value is carried unencrypted. Exclude this object from
-- read views with VACM and require SNMPv3 authPriv for any manager that is
-- allowed to set it.
bsDigitalCertPkcs12Passphrase OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..128))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION "Specifies the passphrase to use for encrypting and decrypting pkcs#12 containers"
    ::= { bsDigitalCertImportExport 2 }
|
|
bsDigitalCertLocalName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..254))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "The name of the file or key pair to be imported or exported from nvram.
|
|
Ignored for CSR, PKCS#7 and PKCS#12."
|
|
::= { bsDigitalCertImportExport 3 }
|
|
bsDigitalCertFileAssociatedContextName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..45))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "The name of the context to associate imported and exported files"
|
|
::= { bsDigitalCertImportExport 4 }
|
|
bsDigitalCertFileAssociatedContextType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ca(1),
|
|
truststore(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "The type of the context to associate imported and exported files "
|
|
::= { bsDigitalCertImportExport 5 }
|
|
bsDigitalCertRemoteFileName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..254))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "The address and name of the file to be imported or exported on a remote location"
|
|
::= { bsDigitalCertImportExport 6 }
|
|
bsDigitalCertFileSupport OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
usb(1),
|
|
sftp(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "The storage type of the file to be imported or exported"
|
|
::= { bsDigitalCertImportExport 7 }
|
|
-- Account name used when bsDigitalCertFileSupport is sftp(2).
-- NOTE(review): this module defines a username but no object for an SFTP
-- password, client key or expected server host key. How the SFTP session is
-- authenticated, and how the server identity is checked before certificate or
-- key material is transferred, is not visible here; verify on the agent side.
bsDigitalCertSftpUsername OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..128))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION "The username to log into when accessing the SFTP server"
    ::= { bsDigitalCertImportExport 8 }
|
|
bsDigitalCertUsbUnitNumber OBJECT-TYPE
|
|
SYNTAX Integer32 (0..8)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "The unit number whose USB to access"
|
|
::= { bsDigitalCertImportExport 9 }
|
|
bsDigitalCertForceReplacement OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "Controls whether a name conflict will be resolved by replacing the old file with the new one"
|
|
::= { bsDigitalCertImportExport 10 }
|
|
-- Trigger object of the import/export group: a SET of import(2), export(3) or
-- delete(4) acts on "the previously specified file".
-- NOTE(review): the DESCRIPTION does not say which sibling scalars must be
-- written first or whether they are applied atomically; presumably the other
-- bsDigitalCertImportExport objects. The outcome is reported through
-- bsDigitalCertActionStatus and bsDigitalCertActionError.
-- NOTE(review): bsDigitalCertLocalResource admits keypair(4) and pkcs12(3),
-- and bsDigitalCertFileSupport admits usb(1) and sftp(2), so write access to
-- this subtree may be enough to copy private-key material off the device or
-- to delete it. Scope write access with VACM to the managers that need it and
-- log SETs to this object.
bsDigitalCertAction OBJECT-TYPE
    SYNTAX      INTEGER {
                    noop(1),
                    import(2),
                    export(3),
                    delete(4)
                }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION "Specifies the action to be taken on the previously specified file"
    ::= { bsDigitalCertImportExport 11 }
|
|
bsDigitalCertActionStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
none(1),
|
|
success(2),
|
|
failed(3),
|
|
inprogress(4)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Displays the status of the latest action"
|
|
::= { bsDigitalCertImportExport 12 }
|
|
bsDigitalCertActionError OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..128))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Displays the error message that occurred during the latest action, if any"
|
|
::= { bsDigitalCertImportExport 13 }
|
|
|
|
-- file management
|
|
|
|
bsDigitalCertSourceFileName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..254))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "The name of the file to be copied, moved or renamed"
|
|
::= { bsDigitalCertFileMgmt 1 }
|
|
bsDigitalCertSourceContextName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..45))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "The name of the context where the source file is located"
|
|
::= { bsDigitalCertFileMgmt 2 }
|
|
bsDigitalCertSourceContextType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ca(1),
|
|
truststore(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "The type of the context where the source file is located"
|
|
::= { bsDigitalCertFileMgmt 3 }
|
|
bsDigitalCertDestinationFileName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..254))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "A new name for the source file or its copy"
|
|
::= { bsDigitalCertFileMgmt 4 }
|
|
bsDigitalCertDestinationContextName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..45))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "The name of the context where to place the source file or its copy"
|
|
::= { bsDigitalCertFileMgmt 5 }
|
|
bsDigitalCertDestinationContextType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ca(1),
|
|
truststore(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "The type of the context where to place the source file or its copy"
|
|
::= { bsDigitalCertFileMgmt 6 }
|
|
bsDigitalCertFileAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
noop(1),
|
|
copy(2),
|
|
move(3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "Specifies the action to be taken on the previously specified file.
|
|
Moving a file within the same CA entry will result in a rename."
|
|
::= { bsDigitalCertFileMgmt 7 }
|
|
|
|
-- key table
|
|
|
|
bsDigitalCertKeyTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF BsDigitalCertKeyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "Table containing all the information related to the key-pair, required
|
|
to get the Digital Certificate from the Certificate Authority."
|
|
::= { bsDigitalCertObjects 2 }
|
|
|
|
bsDigitalCertKeyEntry OBJECT-TYPE
|
|
SYNTAX BsDigitalCertKeyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "The entry specifies the key-pair
|
|
name, size, the algorithm used for the generation of key-pair
|
|
and if the user is allowed to export it."
|
|
INDEX { bsDigitalCertKeyName }
|
|
::= { bsDigitalCertKeyTable 1 }
|
|
|
|
BsDigitalCertKeyEntry ::= SEQUENCE {
|
|
bsDigitalCertKeyName DisplayString,
|
|
bsDigitalCertKeyType INTEGER,
|
|
bsDigitalCertKeySize Integer32,
|
|
bsDigitalCertKeyFingerprint DisplayString,
|
|
bsDigitalCertKeyRowStatus RowStatus
|
|
}
|
|
|
|
bsDigitalCertKeyName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..46))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "Refers to the name of the key-pair generated or imported for the subject"
|
|
::= { bsDigitalCertKeyEntry 1 }
|
|
|
|
bsDigitalCertKeyType OBJECT-TYPE
|
|
SYNTAX INTEGER { rsa (1) }
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Defines the algorithm used to generate the key-pair"
|
|
::= { bsDigitalCertKeyEntry 2 }
|
|
|
|
-- Size of the key pair in this row.
-- The range restriction (2048) admits exactly one value, and the column is
-- read-only, so a manager cannot choose a key size through this object even
-- though the DESCRIPTION speaks of the key pair "to be generated".
-- NOTE(review): bsDigitalCertKeyType likewise admits only rsa(1); larger RSA
-- keys or other algorithms cannot be represented by this table as defined.
bsDigitalCertKeySize OBJECT-TYPE
    SYNTAX      Integer32 (2048)
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Defines the size of the key-pair to be generated "
    ::= { bsDigitalCertKeyEntry 3 }
|
|
|
|
-- SHA1 fingerprint of the key pair, returned as a display string of up to
-- 60 characters.
-- NOTE(review): the DESCRIPTION does not say what is hashed (presumably the
-- public key) or how the digest is formatted; confirm before comparing it
-- with fingerprints produced by other tools. SHA-1 is no longer considered
-- collision resistant, so use this value to identify a key, not as the sole
-- basis for trusting one.
bsDigitalCertKeyFingerprint OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..60))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Displays the SHA1 fingerprint of the key pair"
    ::= { bsDigitalCertKeyEntry 4 }
|
|
|
|
bsDigitalCertKeyRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "Used to create/delete entries"
|
|
::= { bsDigitalCertKeyEntry 5 }
|
|
|
|
-- ca table
|
|
|
|
bsDigitalCertCaTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF BsDigitalCertCaEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "Table containing all the information related to the
|
|
Certificate Authority issuing the Digital Certificate"
|
|
::= { bsDigitalCertObjects 3 }
|
|
|
|
bsDigitalCertCaEntry OBJECT-TYPE
|
|
SYNTAX BsDigitalCertCaEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "Entry containing
|
|
information about the Certificate Authority"
|
|
INDEX { bsDigitalCertCaName }
|
|
::= { bsDigitalCertCaTable 1 }
|
|
|
|
BsDigitalCertCaEntry ::= SEQUENCE {
|
|
bsDigitalCertCaName DisplayString,
|
|
bsDigitalCertCaCommonName DisplayString,
|
|
bsDigitalCertCaKeyName DisplayString,
|
|
bsDigitalCertCaCaUrl RcLongDisplayString,
|
|
bsDigitalCertCaAction INTEGER,
|
|
bsDigitalCertCaActionChallengePassword DisplayString,
|
|
bsDigitalCertCaAuthenticated TruthValue,
|
|
bsDigitalCertCaLastActionStatus INTEGER,
|
|
bsDigitalCertCaLastActionFailureReason DisplayString,
|
|
bsDigitalCertCaSubjectCertificateValidityDays Integer32,
|
|
bsDigitalCertCaUsePost TruthValue,
|
|
bsDigitalCertUseFor BITS,
|
|
bsDigitalCertRegenerateKeyOnEnroll TruthValue,
|
|
bsDigitalCertCaChainComplete TruthValue,
|
|
bsDigitalCertCaRowStatus RowStatus
|
|
}
|
|
|
|
|
|
bsDigitalCertCaName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..45))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "User defined name referring to the Certificate Authority
|
|
issuing the Digital Certificate"
|
|
::= { bsDigitalCertCaEntry 1 }
|
|
|
|
bsDigitalCertCaCommonName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..64))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "Defines the Common Name of the Certificate Authority
|
|
issuing the Digital Certificate"
|
|
::= { bsDigitalCertCaEntry 2 }
|
|
|
|
bsDigitalCertCaKeyName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..45))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "Defines the name of the associated key pair.
|
|
It refers to the Key Name entry of the bsDigitalCertKeyTable"
|
|
::= { bsDigitalCertCaEntry 3 }
|
|
|
|
-- URL of the Certificate Authority for this CA row; up to 1000 characters.
-- NOTE(review): this definition does not constrain the URL scheme. If the
-- agent accepts plain http URLs, the authenticity of what is fetched
-- presumably rests on the caauth step of bsDigitalCertCaAction; confirm how
-- the retrieved Root CA certificate is verified before it is trusted.
-- The column is read-create, so write access lets a manager point enrollment
-- at a different CA; restrict it with VACM.
bsDigitalCertCaCaUrl OBJECT-TYPE
    SYNTAX      RcLongDisplayString (SIZE(0..1000))
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION "Defines the URL of the Certificate Authority issuing
                 the Digital Certificate"
    ::= { bsDigitalCertCaEntry 4 }
|
|
|
|
bsDigitalCertCaAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
noop(1),
|
|
caauth(2),
|
|
enroll(3),
|
|
renew(4),
|
|
remove(5),
|
|
getCrl(6),
|
|
genSelfSig(7),
|
|
getCaCert(8)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "specifies the various actions Certificate Authority can take-
|
|
'noop' - No operation
|
|
'caauth' - Authenticates the Certificate Authority (CA) based on
|
|
the previously retrieved Root CA Certificate.
|
|
'enroll' - Certificate Enrolment Request.
|
|
'renew' - Certificate Renew Request.
|
|
'remove' - Removes the subject certificate obtained online from the Certificate Authority.
|
|
'getCrl' - Get the Certificate Revocation List from the CDP.
|
|
'genSelfSig'- Generate a self-signed certificate.
|
|
'getCaCert' - Retrieve Root CA certificate from the Certificate Authority"
|
|
::= { bsDigitalCertCaEntry 5 }
|
|
|
|
-- Challenge password presented to the CA for the SCEP operation of this row.
-- NOTE(review): the column is a plain DisplayString declared read-create, so
-- this definition does not stop a GET or a table walk from returning the
-- secret. Whether the agent masks it on read is not stated here; confirm it.
-- Over SNMPv1/v2c the value is carried unencrypted. Exclude the column from
-- read views with VACM and require SNMPv3 authPriv for managers that set it.
bsDigitalCertCaActionChallengePassword OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..128))
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION "specifies the challenge password required to perform the scep operation"
    ::= { bsDigitalCertCaEntry 6 }
|
|
|
|
bsDigitalCertCaAuthenticated OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Specifies whether the Online Certificate Authority is authenticated"
|
|
::= { bsDigitalCertCaEntry 7 }
|
|
|
|
bsDigitalCertCaLastActionStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
none(1),
|
|
success(2),
|
|
failed(3),
|
|
inProgress(4)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Specifies the status of the last action
|
|
'none' - No action was performed yet.
|
|
'success' - Execution of the action triggered is
|
|
completed successfully.
|
|
'failed' - Execution of the action triggered has
|
|
failed.
|
|
'inProgress' - Execution of the action triggered is
|
|
in progress. "
|
|
::= { bsDigitalCertCaEntry 8 }
|
|
|
|
bsDigitalCertCaLastActionFailureReason OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..81))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Defines the reason of failure for the last action performed
|
|
by the Certificate Authority"
|
|
::= { bsDigitalCertCaEntry 9 }
|
|
|
|
bsDigitalCertCaSubjectCertificateValidityDays OBJECT-TYPE
|
|
SYNTAX Integer32 (7..1185)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "Number of days for which subject certificate will remain
|
|
valid"
|
|
DEFVAL { 365 }
|
|
::= { bsDigitalCertCaEntry 10 }
|
|
|
|
bsDigitalCertCaUsePost OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "Specifies the HTTP request type, URL or POST: TRUE for EJBCA and FALSE for Win2012 CA"
|
|
DEFVAL { true }
|
|
::= { bsDigitalCertCaEntry 11 }
|
|
|
|
bsDigitalCertUseFor OBJECT-TYPE
|
|
SYNTAX BITS {
|
|
ike(0),
|
|
ssl-server(1),
|
|
ssl-client(2),
|
|
slamon(3),
|
|
cloud(4),
|
|
ssh-server(5),
|
|
ssh-client(6)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "Specifies which features will use the subject certificate from this CA.
|
|
Features are represented in form of bits as follows:
|
|
bit 0 - IKE
|
|
bit 1 - SSL server
|
|
bit 2 - SSL client
|
|
bit 3 - SLAmon
|
|
bit 4 - Cloud
|
|
bit 5 - SSH server
|
|
bit 6 - SSH client"
|
|
::= { bsDigitalCertCaEntry 12 }
|
|
|
|
bsDigitalCertRegenerateKeyOnEnroll OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "Specifies whether the associated key pair will be regenerated on re-enroll"
|
|
DEFVAL { false }
|
|
::= { bsDigitalCertCaEntry 13 }
|
|
|
|
bsDigitalCertCaChainComplete OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Specifies whether the CA entry contains a complete certificate chain"
|
|
::= { bsDigitalCertCaEntry 14 }
|
|
|
|
bsDigitalCertCaRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION "Used to create/delete entries"
|
|
::= { bsDigitalCertCaEntry 15 }
|
|
|
|
-- certificates table
|
|
|
|
bsDigitalCertTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF BsDigitalCertEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "Table of information about digital certificates"
|
|
::= { bsDigitalCertObjects 4 }
|
|
|
|
bsDigitalCertEntry OBJECT-TYPE
|
|
SYNTAX BsDigitalCertEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "Entry containing
|
|
information about digital certificates"
|
|
INDEX { bsDigitalCertAssociatedContextType, bsDigitalCertAssociatedContextName, bsDigitalCertFileName }
|
|
::= { bsDigitalCertTable 1 }
|
|
|
|
BsDigitalCertEntry ::= SEQUENCE {
|
|
bsDigitalCertAssociatedContextType INTEGER,
|
|
bsDigitalCertAssociatedContextName DisplayString,
|
|
bsDigitalCertFileName RcLongDisplayString,
|
|
bsDigitalCertType INTEGER,
|
|
bsDigitalCertChainPosition Integer32,
|
|
bsDigitalCertSha1Hash DisplayString,
|
|
bsDigitalCertMd5Hash DisplayString,
|
|
bsDigitalCertVersionNumber DisplayString,
|
|
bsDigitalCertSerialNumber DisplayString,
|
|
bsDigitalCertIssuerName RcLongDisplayString,
|
|
bsDigitalCertValidStartPeriod DateAndTime,
|
|
bsDigitalCertValidEndPeriod DateAndTime,
|
|
bsDigitalCertCertificateSignatureAlgorithm INTEGER,
|
|
bsDigitalCertCertificateSignature RcLongDisplayString,
|
|
bsDigitalCertSubject RcLongDisplayString,
|
|
bsDigitalCertSubjectPublicKeyAlgorithm INTEGER,
|
|
bsDigitalCertSubjectPublicKey OCTET STRING,
|
|
bsDigitalCertHasBasicConstraint TruthValue,
|
|
bsDigitalCertHasKeyUsage TruthValue,
|
|
bsDigitalCertIsCa TruthValue,
|
|
bsDigitalCertKeyUsage BITS,
|
|
bsDigitalCertStatus DisplayString,
|
|
bsDigitalCertCdpUrl RcLongDisplayString,
|
|
bsDigitalCertOcspUrl RcLongDisplayString,
|
|
bsDigitalCertExtendedKeyUsage DisplayString
|
|
}
|
|
|
|
bsDigitalCertAssociatedContextType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ca(1),
|
|
truststore(2)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "Specifies the type of the associated context"
|
|
::= { bsDigitalCertEntry 1 }
|
|
|
|
bsDigitalCertAssociatedContextName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..45))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "Specifies the name of the associated context"
|
|
::= { bsDigitalCertEntry 2 }
|
|
|
|
-- Third index component of bsDigitalCertEntry, after the associated context
-- type and context name.
-- NOTE(review): the object is named as a file name, but the DESCRIPTION says
-- it holds the common name of the certificate subject; confirm which one the
-- agent actually uses as the index value.
-- NOTE(review): SMIv2 limits an OBJECT IDENTIFIER to 128 sub-identifiers, and
-- a string index consumes one sub-identifier per octet. A value near the
-- 512-octet maximum allowed here therefore cannot be addressed as a table
-- instance; pollers should expect rows with long names to be unreachable or
-- truncated.
bsDigitalCertFileName OBJECT-TYPE
    SYNTAX      RcLongDisplayString (SIZE(0..512))
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION "Specifies the common name value of the certificate subject"
    ::= { bsDigitalCertEntry 3 }
|
|
|
|
bsDigitalCertType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
caCert(1),
|
|
intermediateCaCert (2),
|
|
subjectCert(3),
|
|
raCert(4),
|
|
crl(5)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Identifies certificate role in a chain of trust
|
|
'caCert' - Root Certificate Authority's Certificate
|
|
'intermediateCaCert' - Intermediate Certificate Authority's Certificate
|
|
'subjectCert' - Subject Certificate
|
|
'raCert' - Registration Authority Certificate
|
|
'crl' - Certificate Revocation List"
|
|
::= { bsDigitalCertEntry 4 }
|
|
|
|
bsDigitalCertChainPosition OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Certificate position in the chain or 0 if certificate is not part of the chain"
|
|
::= { bsDigitalCertEntry 5 }
|
|
|
|
-- SHA1 fingerprint of the certificate in this row, as a display string.
-- NOTE(review): SHA-1 is no longer considered collision resistant. Use this
-- value to identify a certificate in inventories and logs; where a match is
-- used to decide trust, compare a stronger digest computed from the
-- certificate itself. This table exposes no SHA-256 fingerprint column.
bsDigitalCertSha1Hash OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..254))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "SHA1 certificate fingerprint"
    ::= { bsDigitalCertEntry 6 }
|
|
|
|
-- MD5 fingerprint of the certificate in this row, as a display string.
-- NOTE(review): MD5 is not collision resistant, so two different certificates
-- can be constructed with the same MD5 fingerprint. Treat this value as a
-- display identifier only and never as evidence that a certificate is the
-- expected one; prefer bsDigitalCertSha1Hash or, better, a digest computed
-- off-box from the certificate itself.
bsDigitalCertMd5Hash OBJECT-TYPE
    SYNTAX      DisplayString (SIZE(0..64))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "MD5 certificate fingerprint"
    ::= { bsDigitalCertEntry 7 }
|
|
|
|
bsDigitalCertVersionNumber OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..16))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Specifies the version number of the certificate for the subject
|
|
as issued by the Certificate Authority"
|
|
::= { bsDigitalCertEntry 8 }
|
|
|
|
bsDigitalCertSerialNumber OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..50))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Specifies the serial number of the certificate for the subject
|
|
as issued by the Certificate Authority "
|
|
::= { bsDigitalCertEntry 9 }
|
|
|
|
bsDigitalCertIssuerName OBJECT-TYPE
|
|
SYNTAX RcLongDisplayString (SIZE(0..1000))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Specifies the issuer's name of the certificate for the subject
|
|
as issued by the Certificate Authority"
|
|
::= { bsDigitalCertEntry 10 }
|
|
|
|
bsDigitalCertValidStartPeriod OBJECT-TYPE
|
|
SYNTAX DateAndTime
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Specifies the start date of the validation period of the certificate
|
|
for the subject as issued by the Certificate Authority "
|
|
::= { bsDigitalCertEntry 11 }
|
|
|
|
bsDigitalCertValidEndPeriod OBJECT-TYPE
|
|
SYNTAX DateAndTime
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Specifies the last date of the validation period of the certificate
|
|
for the subject as issued by the Certificate Authority"
|
|
::= { bsDigitalCertEntry 12 }
|
|
|
|
-- Algorithm the issuer used to sign the certificate in this row.
-- The enumeration is not contiguous: values 6 through 10 are unassigned, and
-- sha224withRSAEncryption is numbered 14, after the sha256/384/512 entries.
-- NOTE(review): md2withRSAEncryption(2), md4withRSAEncryption(3),
-- md5withRSAEncryption(4) and sha1withRSAEncryption(5) rely on digests that
-- are no longer considered collision resistant. A poller that audits
-- installed certificates can flag any row reporting a value from 2 to 5.
-- Only RSA-based algorithms are listed; how the agent reports a certificate
-- signed with another algorithm is not stated here.
bsDigitalCertCertificateSignatureAlgorithm OBJECT-TYPE
    SYNTAX      INTEGER {
                    rsaEncryption(1),
                    md2withRSAEncryption(2),
                    md4withRSAEncryption(3),
                    md5withRSAEncryption(4),
                    sha1withRSAEncryption(5),
                    sha256withRSAEncryption(11),
                    sha384withRSAEncryption(12),
                    sha512withRSAEncryption(13),
                    sha224withRSAEncryption(14)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Specifies the algorithm used for the issuer's signature on the certificate
                 for the subject as issued by the Certificate Authority"
    ::= { bsDigitalCertEntry 13 }
|
|
|
|
bsDigitalCertCertificateSignature OBJECT-TYPE
|
|
SYNTAX RcLongDisplayString (SIZE(0..4096))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Specifies the issuer's signature on the certificate for the subject
|
|
as issued by the Certificate Authority"
|
|
::= { bsDigitalCertEntry 14 }
|
|
|
|
bsDigitalCertSubject OBJECT-TYPE
|
|
SYNTAX RcLongDisplayString (SIZE(0..1000))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Specifies the details of the subject on its certificate as
|
|
issued by Certificate Authority "
|
|
::= { bsDigitalCertEntry 15 }
|
|
|
|
-- Algorithm of the subject's public key in the certificate in this row.
-- NOTE(review): the enumeration is identical to the one on
-- bsDigitalCertCertificateSignatureAlgorithm. Every label except
-- rsaEncryption(1) names a signature scheme rather than a key algorithm, so
-- presumably only value 1 is meaningful here; confirm against the agent
-- before alerting on other values. The enumeration gives no way to report a
-- non-RSA public key.
bsDigitalCertSubjectPublicKeyAlgorithm OBJECT-TYPE
    SYNTAX      INTEGER {
                    rsaEncryption(1),
                    md2withRSAEncryption(2),
                    md4withRSAEncryption(3),
                    md5withRSAEncryption(4),
                    sha1withRSAEncryption(5),
                    sha256withRSAEncryption(11),
                    sha384withRSAEncryption(12),
                    sha512withRSAEncryption(13),
                    sha224withRSAEncryption(14)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Specifies the algorithm used to generate the subject's
                 public key for the certificate issued by the Certificate Authority"
    ::= { bsDigitalCertEntry 16 }
|
|
|
|
bsDigitalCertSubjectPublicKey OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..2048))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Specifies the public key of the subject"
|
|
::= { bsDigitalCertEntry 17 }
|
|
|
|
bsDigitalCertHasBasicConstraint OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Specifies whether certificate contains basic certificate constraint"
|
|
::= { bsDigitalCertEntry 18 }
|
|
|
|
bsDigitalCertHasKeyUsage OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Specifies whether certificate contains basic key usage constraint"
|
|
::= { bsDigitalCertEntry 19 }
|
|
|
|
bsDigitalCertIsCa OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Specifies whether this is Certificate Authority's certificate or not"
|
|
::= { bsDigitalCertEntry 20 }
|
|
|
|
bsDigitalCertKeyUsage OBJECT-TYPE
|
|
SYNTAX BITS {
|
|
digitalSignature(0),
|
|
nonRepudiation(1),
|
|
keyEncipherment(2),
|
|
dataEncipherment(3),
|
|
keyAgreement(4),
|
|
keyCertSign(5),
|
|
cRLSign(6),
|
|
encipherOnly(7),
|
|
decipherOnly(8)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "specifies the purpose of the key used in the
|
|
certificate. It is represented in form of bits as follows-
|
|
bit 0 - digitalSignature
|
|
bit 1 - nonRepudiation
|
|
bit 2 - keyEncipherment
|
|
bit 3 - dataEncipherment
|
|
bit 4 - keyAgreement
|
|
bit 5 - keyCertSign
|
|
bit 6 - cRLSign
|
|
bit 7 - encipherOnly
|
|
bit 8 - decipherOnly"
|
|
::= { bsDigitalCertEntry 21 }
|
|
|
|
bsDigitalCertStatus OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..129))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Specifies the status of the certificate"
|
|
::= { bsDigitalCertEntry 22 }
|
|
|
|
bsDigitalCertCdpUrl OBJECT-TYPE
|
|
SYNTAX RcLongDisplayString (SIZE(0..1000))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Specifies the CDP URL present in the Extensions
|
|
field of the Digital Certificate."
|
|
::= { bsDigitalCertEntry 23 }
|
|
|
|
bsDigitalCertOcspUrl OBJECT-TYPE
|
|
SYNTAX RcLongDisplayString (SIZE(0..1000))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Specifies the OCSP URL present in the AIA
|
|
field of the Digital Certificate."
|
|
::= { bsDigitalCertEntry 24 }
|
|
|
|
bsDigitalCertExtendedKeyUsage OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..128))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Specifies the purpose for which the key may be used,
|
|
in addition to or in place of the basic purposes
|
|
indicated in the key-usage field of the certificate."
|
|
::= { bsDigitalCertEntry 25 }
|
|
|
|
END
|