1465 lines
54 KiB
Plaintext
1465 lines
54 KiB
Plaintext
TIMETRA-TLS-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
MODULE-COMPLIANCE, OBJECT-GROUP
|
|
FROM SNMPv2-CONF
|
|
Integer32, MODULE-IDENTITY, OBJECT-TYPE,
|
|
Unsigned32
|
|
FROM SNMPv2-SMI
|
|
DisplayString, RowStatus,
|
|
TEXTUAL-CONVENTION, TimeStamp
|
|
FROM SNMPv2-TC
|
|
timetraSRMIBModules, tmnxSRConfs,
|
|
tmnxSRNotifyPrefix, tmnxSRObjs
|
|
FROM TIMETRA-GLOBAL-MIB
|
|
TNamedItem, TNamedItemOrEmpty,
|
|
TmnxAdminState, TmnxOperState
|
|
FROM TIMETRA-TC-MIB
|
|
;
|
|
|
|
timetraTlsMIBModule MODULE-IDENTITY
|
|
LAST-UPDATED "201701010000Z"
|
|
ORGANIZATION "Nokia"
|
|
CONTACT-INFO
|
|
"Nokia SROS Support
|
|
Web: http://www.nokia.com"
|
|
DESCRIPTION
|
|
"This document is the SNMP MIB module for the Nokia SROS implementation
|
|
of the TLS protocol.
|
|
|
|
Copyright 2008-2018 Nokia. All rights reserved.
|
|
Reproduction of this document is authorized on the condition
|
|
that the foregoing copyright notice is included.
|
|
|
|
This SNMP MIB module (Specification) embodies Nokia's
|
|
proprietary intellectual property. Nokia retains all
|
|
title and ownership in the Specification, including any revisions.
|
|
|
|
Nokia grants all interested parties a non-exclusive license to use and
|
|
distribute an unmodified copy of this Specification in connection with
|
|
management of Nokia products, and without fee, provided this copyright
|
|
notice and license appear on all copies.
|
|
|
|
This Specification is supplied `as is', and Nokia
|
|
makes no warranty, either express or implied, as to the use,
|
|
operation, condition, or performance of the Specification."
|
|
|
|
REVISION "201701010000Z"
|
|
DESCRIPTION
|
|
"Rev 15.0 01 Jan 2017 00:00
|
|
15.0 release of the TIMETRA-WLAN-GW-MIB."
|
|
|
|
REVISION "201510050000Z"
|
|
DESCRIPTION
|
|
"Rev 0.1 05 Oct 2015 00:00
|
|
Initial version of the TIMETRA-TLS-MIB."
|
|
|
|
::= { timetraSRMIBModules 107 }
|
|
|
|
TTlsCipherSuiteCode ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This textual convention specifies the cipher suite codes supported by
|
|
the SR-OS which are used in the TLS Client Hello and TLS Server Hello
|
|
messages.
|
|
|
|
A cipher suite defines a cipher specification supported in a given
|
|
version of the TLS protocol. You can find a detailed description of
|
|
cipher suite codes and cipher suite definitions for the TLS protocol
|
|
respectively in appendix A.5 and C of RFC 5246
|
|
|
|
Cipher suites with Null cipher are no longer supported. These are
|
|
tlsRsaWithNullMd5, tlsRsaWithNullSha and tlsRsaWithNullSha256."
|
|
SYNTAX INTEGER {
|
|
tlsRsaWithNullMd5 (1),
|
|
tlsRsaWithNullSha (2),
|
|
tlsRsaWithNullSha256 (59),
|
|
tlsRsaWith3desEdeCbcSha (10),
|
|
tlsRsaWithAes128CbcSha (47),
|
|
tlsRsaWithAes256CbcSha (53),
|
|
tlsRsaWithAes128CbcSha256 (60),
|
|
tlsRsaWithAes256CbcSha256 (61)
|
|
}
|
|
|
|
tmnxTlsObjs OBJECT IDENTIFIER ::= { tmnxSRObjs 107 }
|
|
|
|
tmnxTlsScalarObjs OBJECT IDENTIFIER ::= { tmnxTlsObjs 1 }
|
|
|
|
tmnxTlsConfigTimeStamps OBJECT IDENTIFIER ::= { tmnxTlsScalarObjs 1 }
|
|
|
|
tTlsCertProfileTblLastChgd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsCertProfileTblLastChgd indicates the
|
|
sysUpTime at the time of the last modification to tTlsCertProfileTable
|
|
by adding, deleting an entry or change to a writable object in the
|
|
table.
|
|
|
|
If no changes were made to the table since the last re-initialization
|
|
of the local network management subsystem, then this object contains a
|
|
zero value."
|
|
::= { tmnxTlsConfigTimeStamps 1 }
|
|
|
|
tTlsCertProfEntryIdTblLastChgd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsCertProfEntryIdTblLastChgd indicates the
|
|
sysUpTime at the time of the last modification to
|
|
tTlsCertProfEntryIdTable by adding, deleting an entry or change to a
|
|
writable object in the table.
|
|
|
|
If no changes were made to the table since the last re-initialization
|
|
of the local network management subsystem, then this object contains a
|
|
zero value."
|
|
::= { tmnxTlsConfigTimeStamps 2 }
|
|
|
|
tTlsCertChainCAProfTblLastChgd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsCertChainCAProfTblLastChgd indicates the
|
|
sysUpTime at the time of the last modification to
|
|
tTlsCertChainCAProfTable by adding, deleting an entry or change to a
|
|
writable object in the table.
|
|
|
|
If no changes were made to the table since the last re-initialization
|
|
of the local network management subsystem, then this object contains a
|
|
zero value."
|
|
::= { tmnxTlsConfigTimeStamps 3 }
|
|
|
|
tTlsTrustAnchorProfTblLastChgd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsTrustAnchorProfTblLastChgd indicates the
|
|
sysUpTime at the time of the last modification to
|
|
tTlsTrustAnchorProfTable by adding, deleting an entry or change to a
|
|
writable object in the table.
|
|
|
|
If no changes were made to the table since the last re-initialization
|
|
of the local network management subsystem, then this object contains a
|
|
zero value."
|
|
::= { tmnxTlsConfigTimeStamps 4 }
|
|
|
|
tTlsTrustAnchorsTblLastChgd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsTrustAnchorsTblLastChgd indicates the
|
|
sysUpTime at the time of the last modification to
|
|
tTlsTrustAnchorsTable by adding, deleting an entry or change to a
|
|
writable object in the table.
|
|
|
|
If no changes were made to the table since the last re-initialization
|
|
of the local network management subsystem, then this object contains a
|
|
zero value."
|
|
::= { tmnxTlsConfigTimeStamps 5 }
|
|
|
|
tTlsClientCiphListTblLastChgd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsClientCiphListTblLastChgd indicates the
|
|
sysUpTime at the time of the last modification to
|
|
tTlsClientCiphListTable by adding, deleting an entry or change to a
|
|
writable object in the table.
|
|
|
|
If no changes were made to the table since the last re-initialization
|
|
of the local network management subsystem, then this object contains a
|
|
zero value."
|
|
::= { tmnxTlsConfigTimeStamps 6 }
|
|
|
|
tTlsClntCiphListParTblLastChgd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsClntCiphListParTblLastChgd indicates the
|
|
sysUpTime at the time of the last modification to
|
|
tTlsClntCiphListParamTable by adding, deleting an entry or change to a
|
|
writable object in the table.
|
|
|
|
If no changes were made to the table since the last re-initialization
|
|
of the local network management subsystem, then this object contains a
|
|
zero value."
|
|
::= { tmnxTlsConfigTimeStamps 7 }
|
|
|
|
tTlsClntProfileTblLastChgd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsClntProfileTblLastChgd indicates the
|
|
sysUpTime at the time of the last modification to tTlsClntProfileTable
|
|
by adding, deleting an entry or change to a writable object in the
|
|
table.
|
|
|
|
If no changes were made to the table since the last re-initialization
|
|
of the local network management subsystem, then this object contains a
|
|
zero value."
|
|
::= { tmnxTlsConfigTimeStamps 8 }
|
|
|
|
tTlsServerCiphListTblLastChgd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsServerCiphListTblLastChgd indicates the
|
|
sysUpTime at the time of the last modification to
|
|
tTlsServerCiphListTable by adding/deleting an entry or changing a
|
|
writable object in the table.
|
|
|
|
If no changes were made to the table since the last re-initialization
|
|
of the local network management subsystem, then this object contains a
|
|
zero value."
|
|
::= { tmnxTlsConfigTimeStamps 9 }
|
|
|
|
tTlsSrvCiphListParTblLastChgd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsSrvCiphListParTblLastChgd indicates the
|
|
sysUpTime at the time of the last modification to
|
|
tTlsSrvCiphListParamTable by adding/deleting an entry or changing a
|
|
writable object in the table.
|
|
|
|
If no changes were made to the table since the last re-initialization
|
|
of the local network management subsystem, then this object contains a
|
|
zero value."
|
|
::= { tmnxTlsConfigTimeStamps 10 }
|
|
|
|
tTlsSrvProfileTblLastChgd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsSrvProfileTblLastChgd indicates the
|
|
sysUpTime at the time of the last modification to tTlsSrvProfileTable
|
|
by adding/deleting an entry or changing a writable object in the
|
|
table.
|
|
|
|
If no changes were made to the table since the last re-initialization
|
|
of the local network management subsystem, then this object contains a
|
|
zero value."
|
|
::= { tmnxTlsConfigTimeStamps 11 }
|
|
|
|
tmnxTlsConfigObjs OBJECT IDENTIFIER ::= { tmnxTlsObjs 2 }
|
|
|
|
tTlsCertProfileTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TTlsCertProfileEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsCertProfileTable stores configuration and status information
|
|
related to TLS certificate profiles."
|
|
::= { tmnxTlsConfigObjs 1 }
|
|
|
|
tTlsCertProfileEntry OBJECT-TYPE
|
|
SYNTAX TTlsCertProfileEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsCertProfileEntry is an entry (conceptual row) in the
|
|
tTlsCertProfileTable. Each entry contains information pertaining to a
|
|
TLS certificate profile.
|
|
|
|
Entries in this table can be created and deleted via SNMP SET
|
|
operations to tTlsCertProfileRowStatus."
|
|
INDEX { tTlsCertProfileName }
|
|
::= { tTlsCertProfileTable 1 }
|
|
|
|
TTlsCertProfileEntry ::= SEQUENCE
|
|
{
|
|
tTlsCertProfileName TNamedItem,
|
|
tTlsCertProfileLastChgd TimeStamp,
|
|
tTlsCertProfileRowStatus RowStatus,
|
|
tTlsCertProfileAdminState TmnxAdminState,
|
|
tTlsCertProfileOperState TmnxOperState,
|
|
tTlsCertProfileOperFlags BITS
|
|
}
|
|
|
|
tTlsCertProfileName OBJECT-TYPE
|
|
SYNTAX TNamedItem
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsCertProfileName specifies a TLS
|
|
certificate profile name."
|
|
::= { tTlsCertProfileEntry 1 }
|
|
|
|
tTlsCertProfileLastChgd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsCertProfileLastChgd indicates the
|
|
sysUpTime at the time of the most recent management-initiated change
|
|
to this entry."
|
|
::= { tTlsCertProfileEntry 2 }
|
|
|
|
tTlsCertProfileRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsCertProfileRowStatus specifies the status
|
|
of the conceptual row in tTlsCertProfileTable.
|
|
|
|
Rows are created and destroyed by SNMP SET operations on this object.
|
|
|
|
Only values 'active(1)', 'createAndGo(4)' and 'destroy(6)' are
|
|
supported."
|
|
::= { tTlsCertProfileEntry 3 }
|
|
|
|
tTlsCertProfileAdminState OBJECT-TYPE
|
|
SYNTAX TmnxAdminState
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsCertProfileAdminState specifies the
|
|
administrative state of tTlsCertProfileEntry."
|
|
DEFVAL { outOfService }
|
|
::= { tTlsCertProfileEntry 4 }
|
|
|
|
tTlsCertProfileOperState OBJECT-TYPE
|
|
SYNTAX TmnxOperState
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsCertProfileOperState indicates the
|
|
operational state of tTlsCertProfileEntry."
|
|
::= { tTlsCertProfileEntry 5 }
|
|
|
|
tTlsCertProfileOperFlags OBJECT-TYPE
|
|
SYNTAX BITS {
|
|
profileAdminDown (0),
|
|
invalidCertFile (1),
|
|
invalidKeyFile (2),
|
|
invalidCertKeyCombo (3),
|
|
caProfileOperDown (4),
|
|
invalidCAProfEntry (5)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tTlsCertProfileOperFlags indicates the operational
|
|
condition of the certificate profile which is aggregated from all its
|
|
configured entries."
|
|
::= { tTlsCertProfileEntry 6 }
|
|
|
|
tTlsCertProfEntryIdTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TTlsCertProfEntryIdEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsCertProfEntryIdTable stores configuration and status
|
|
information related to TLS certificate profile entries."
|
|
::= { tmnxTlsConfigObjs 2 }
|
|
|
|
tTlsCertProfEntryIdEntry OBJECT-TYPE
|
|
SYNTAX TTlsCertProfEntryIdEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsCertProfEntryIdEntry is an entry (conceptual row) in the
|
|
tTlsCertProfEntryIdTable. Each entry contains information pertaining
|
|
to a certificate profile entry.
|
|
|
|
Entries in this table can be created and deleted via SNMP SET
|
|
operations to tTlsCertProfEntryIdRowStatus."
|
|
INDEX {
|
|
tTlsCertProfileName,
|
|
tTlsCertProfEntryId
|
|
}
|
|
::= { tTlsCertProfEntryIdTable 1 }
|
|
|
|
TTlsCertProfEntryIdEntry ::= SEQUENCE
|
|
{
|
|
tTlsCertProfEntryId Integer32,
|
|
tTlsCertProfEntryIdLastChgd TimeStamp,
|
|
tTlsCertProfEntryIdRowStatus RowStatus,
|
|
tTlsCertProfEntryIdCertFile DisplayString,
|
|
tTlsCertProfEntryIdKeyFile DisplayString,
|
|
tTlsCertProfEntryIdCompChain INTEGER,
|
|
tTlsCertProfEntryIdOperFlags BITS
|
|
}
|
|
|
|
tTlsCertProfEntryId OBJECT-TYPE
|
|
SYNTAX Integer32 (1..8)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsCertProfEntryId specifies a TLS
|
|
certificate profile entry identifier."
|
|
::= { tTlsCertProfEntryIdEntry 1 }
|
|
|
|
tTlsCertProfEntryIdLastChgd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsCertProfEntryIdLastChgd indicates the
|
|
sysUpTime at the time of the most recent management-initiated change
|
|
to this entry."
|
|
::= { tTlsCertProfEntryIdEntry 2 }
|
|
|
|
tTlsCertProfEntryIdRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsCertProfEntryIdRowStatus specifies the
|
|
status of the conceptual row in tTlsCertProfEntryIdTable.
|
|
|
|
Rows are created and destroyed by SNMP SET operations on this object.
|
|
|
|
Only values 'active(1)', 'createAndGo(4)' and 'destroy(6)' are
|
|
supported."
|
|
::= { tTlsCertProfEntryIdEntry 3 }
|
|
|
|
tTlsCertProfEntryIdCertFile OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (0..95))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsCertProfEntryIdCertFile specifies the file
|
|
URL of the certificate to be used with this TLS certificate profile
|
|
entry."
|
|
DEFVAL { ''H }
|
|
::= { tTlsCertProfEntryIdEntry 4 }
|
|
|
|
tTlsCertProfEntryIdKeyFile OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (0..95))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsCertProfEntryIdKeyFile specifies the
|
|
key-pair file to be used for X.509 certificate authentication with
|
|
this TLS certificate profile entry."
|
|
DEFVAL { ''H }
|
|
::= { tTlsCertProfEntryIdEntry 5 }
|
|
|
|
tTlsCertProfEntryIdCompChain OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
notAvailable (0),
|
|
partial (1),
|
|
complete (2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsCertProfEntryIdCompChain indicates the
|
|
status of computed chain for this TLS certificate profile entry."
|
|
::= { tTlsCertProfEntryIdEntry 6 }
|
|
|
|
tTlsCertProfEntryIdOperFlags OBJECT-TYPE
|
|
SYNTAX BITS {
|
|
profileAdminDown (0),
|
|
invalidCertFile (1),
|
|
invalidKeyFile (2),
|
|
invalidCertKeyCombo (3),
|
|
caProfileOperDown (4),
|
|
invalidCAProfEntry (5)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsCertProfEntryIdOperFlags indicates the
|
|
operational condition of this certificate profile entry."
|
|
::= { tTlsCertProfEntryIdEntry 7 }
|
|
|
|
tTlsCompChainCAProfTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TTlsCompChainCAProfEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsCompChainCAProfTable maintains Certificate-Authority (CA)
|
|
profiles which are part of computed chain per certificate profile
|
|
entry."
|
|
::= { tmnxTlsConfigObjs 3 }
|
|
|
|
tTlsCompChainCAProfEntry OBJECT-TYPE
|
|
SYNTAX TTlsCompChainCAProfEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsCompChainCAProfEntry is an entry (conceptual row) in the
|
|
tTlsCompChainCAProfTable. Each entry represents a part of the computed
|
|
chain per certificate profile entry.
|
|
|
|
|
|
Entries in this table are created by the system when the user wants to
|
|
send a chain of CA certificates back to the peer for authentication."
|
|
INDEX {
|
|
tTlsCertProfileName,
|
|
tTlsCertProfEntryId,
|
|
tTlsCompChainCAProfOrder
|
|
}
|
|
::= { tTlsCompChainCAProfTable 1 }
|
|
|
|
TTlsCompChainCAProfEntry ::= SEQUENCE
|
|
{
|
|
tTlsCompChainCAProfOrder Integer32,
|
|
tTlsCompChainCAProfName TNamedItem
|
|
}
|
|
|
|
tTlsCompChainCAProfOrder OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsCompChainCAProfOrder indicates the order
|
|
in which a certificate-authority (CA) profile is maintained for the
|
|
computed chain of this certificate profile entry."
|
|
::= { tTlsCompChainCAProfEntry 1 }
|
|
|
|
tTlsCompChainCAProfName OBJECT-TYPE
|
|
SYNTAX TNamedItem
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsCompChainCAProfName indicates the
|
|
certificate-authority (CA) profile which is part of the computed chain
|
|
for this certificate profile entry."
|
|
::= { tTlsCompChainCAProfEntry 2 }
|
|
|
|
tTlsCertChainCAProfTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TTlsCertChainCAProfEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsCertChainCAProfTable maintains configuration of chain CA
|
|
profiles for TLS certificate profile entries."
|
|
::= { tmnxTlsConfigObjs 4 }
|
|
|
|
tTlsCertChainCAProfEntry OBJECT-TYPE
|
|
SYNTAX TTlsCertChainCAProfEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsCertChainCAProfEntry is an entry (conceptual row) in the
|
|
tTlsCertChainCAProfTable. Each entry represents the configuration for
|
|
a chain CA profile for a certificate profile entry.
|
|
|
|
Entries in this table can be created and deleted via SNMP SET
|
|
operations to tTlsCertChainCAProfRowStatus."
|
|
INDEX {
|
|
tTlsCertProfileName,
|
|
tTlsCertProfEntryId,
|
|
tTlsCertChainCAProfName
|
|
}
|
|
::= { tTlsCertChainCAProfTable 1 }
|
|
|
|
TTlsCertChainCAProfEntry ::= SEQUENCE
|
|
{
|
|
tTlsCertChainCAProfName TNamedItem,
|
|
tTlsCertChainCAProfLastChgd TimeStamp,
|
|
tTlsCertChainCAProfRowStatus RowStatus
|
|
}
|
|
|
|
tTlsCertChainCAProfName OBJECT-TYPE
|
|
SYNTAX TNamedItem
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsCertChainCAProfName specifies the name of
|
|
a chain CA profile."
|
|
::= { tTlsCertChainCAProfEntry 1 }
|
|
|
|
tTlsCertChainCAProfLastChgd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsCertChainCAProfLastChgd indicates the
|
|
sysUpTime at the time of the most recent management-initiated change
|
|
to this entry."
|
|
::= { tTlsCertChainCAProfEntry 2 }
|
|
|
|
tTlsCertChainCAProfRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsCertChainCAProfRowStatus specifies the
|
|
status of the conceptual row in tTlsCertChainCAProfTable.
|
|
|
|
Rows are created and destroyed by SNMP SET operations on this object.
|
|
|
|
Only values 'active(1)', 'createAndGo(4)' and 'destroy(6)' are
|
|
supported."
|
|
::= { tTlsCertChainCAProfEntry 3 }
|
|
|
|
tTlsTrustAnchorProfTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TTlsTrustAnchorProfEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsTrustAnchorProfTable stores configuration and status
|
|
information related to TLS trust anchor profiles."
|
|
::= { tmnxTlsConfigObjs 5 }
|
|
|
|
tTlsTrustAnchorProfEntry OBJECT-TYPE
|
|
SYNTAX TTlsTrustAnchorProfEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsTrustAnchorProfEntry is an entry (conceptual row) in the
|
|
tTlsTrustAnchorProfTable. Each entry contains information pertaining
|
|
to a TLS trust anchor profile.
|
|
|
|
Entries in this table can be created and deleted via SNMP SET
|
|
operations to tTlsTrustAnchorProfRowStatus."
|
|
INDEX { tTlsTrustAnchorProfName }
|
|
::= { tTlsTrustAnchorProfTable 1 }
|
|
|
|
TTlsTrustAnchorProfEntry ::= SEQUENCE
|
|
{
|
|
tTlsTrustAnchorProfName TNamedItem,
|
|
tTlsTrustAnchorProfLastChgd TimeStamp,
|
|
tTlsTrustAnchorProfRowStatus RowStatus,
|
|
tTlsTrustAnchorCAProfDown Integer32
|
|
}
|
|
|
|
tTlsTrustAnchorProfName OBJECT-TYPE
|
|
SYNTAX TNamedItem
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsTrustAnchorProfName specifies a TLS trust
|
|
anchor profile name."
|
|
::= { tTlsTrustAnchorProfEntry 1 }
|
|
|
|
tTlsTrustAnchorProfLastChgd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsTrustAnchorProfLastChgd indicates the
|
|
sysUpTime at the time of the most recent management-initiated change
|
|
to this entry."
|
|
::= { tTlsTrustAnchorProfEntry 2 }
|
|
|
|
tTlsTrustAnchorProfRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsTrustAnchorProfRowStatus specifies the
|
|
status of the conceptual row in tTlsTrustAnchorProfTable.
|
|
|
|
Rows are created and destroyed by SNMP SET operations on this object.
|
|
|
|
Only values 'active(1)', 'createAndGo(4)' and 'destroy(6)' are
|
|
supported."
|
|
::= { tTlsTrustAnchorProfEntry 3 }
|
|
|
|
tTlsTrustAnchorCAProfDown OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsTrustAnchorCAProfDown indicates the total
|
|
number of trusted CA-profiles (Certificate-Authority) not operational
|
|
in the trust anchor profile."
|
|
::= { tTlsTrustAnchorProfEntry 4 }
|
|
|
|
tTlsTrustAnchorsTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TTlsTrustAnchorsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsTrustAnchorsTable maintains configuration of trust anchor CA
|
|
profiles for TLS trust anchor profiles."
|
|
::= { tmnxTlsConfigObjs 6 }
|
|
|
|
tTlsTrustAnchorsEntry OBJECT-TYPE
|
|
SYNTAX TTlsTrustAnchorsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsTrustAnchorsEntry is an entry (conceptual row) in the
|
|
tTlsTrustAnchorsTable. Each entry represents the configuration of a CA
|
|
profile for a TLS trust anchor profile.
|
|
|
|
Entries in this table can be created and deleted via SNMP SET
|
|
operations to tTlsTrustAnchorsRowStatus."
|
|
INDEX {
|
|
tTlsTrustAnchorProfName,
|
|
tTlsTrustAnchorsCAProfile
|
|
}
|
|
::= { tTlsTrustAnchorsTable 1 }
|
|
|
|
TTlsTrustAnchorsEntry ::= SEQUENCE
|
|
{
|
|
tTlsTrustAnchorsCAProfile TNamedItem,
|
|
tTlsTrustAnchorsLastChgd TimeStamp,
|
|
tTlsTrustAnchorsRowStatus RowStatus
|
|
}
|
|
|
|
tTlsTrustAnchorsCAProfile OBJECT-TYPE
|
|
SYNTAX TNamedItem
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsTrustAnchorsCAProfile specifies the name
|
|
of a CA profile."
|
|
::= { tTlsTrustAnchorsEntry 1 }
|
|
|
|
tTlsTrustAnchorsLastChgd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsTrustAnchorsLastChgd indicates the
|
|
sysUpTime at the time of the most recent management-initiated change
|
|
to this entry."
|
|
::= { tTlsTrustAnchorsEntry 2 }
|
|
|
|
tTlsTrustAnchorsRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsTrustAnchorsRowStatus specifies the status
|
|
of the conceptual row in tTlsTrustAnchorsTable.
|
|
|
|
Rows are created and destroyed by SNMP SET operations on this object.
|
|
|
|
Only values 'active(1)', 'createAndGo(4)' and 'destroy(6)' are
|
|
supported."
|
|
::= { tTlsTrustAnchorsEntry 3 }
|
|
|
|
tTlsClientCiphListTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TTlsClientCiphListEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsClientCiphListTable maintains configuration of ordered lists
|
|
of supported cipher suite codes to be sent in a Client Hello message
|
|
by a TLS client."
|
|
::= { tmnxTlsConfigObjs 7 }
|
|
|
|
tTlsClientCiphListEntry OBJECT-TYPE
|
|
SYNTAX TTlsClientCiphListEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsClientCiphListEntry is an entry (conceptual row) in the
|
|
tTlsClientCiphListTable. Each entry represents the configuration for
|
|
an ordered list of supported cipher suite codes.
|
|
|
|
Entries in this table can be created and deleted via SNMP SET
|
|
operations to tTlsClientCiphListRowStatus."
|
|
INDEX { tTlsClientCiphListName }
|
|
::= { tTlsClientCiphListTable 1 }
|
|
|
|
TTlsClientCiphListEntry ::= SEQUENCE
|
|
{
|
|
tTlsClientCiphListName TNamedItem,
|
|
tTlsClientCiphListLastChgd TimeStamp,
|
|
tTlsClientCiphListRowStatus RowStatus
|
|
}
|
|
|
|
tTlsClientCiphListName OBJECT-TYPE
|
|
SYNTAX TNamedItem
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsClientCiphListName specifies the name of
|
|
an ordered list of supported cipher suite codes for a TLS client."
|
|
::= { tTlsClientCiphListEntry 1 }
|
|
|
|
tTlsClientCiphListLastChgd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsClientCiphListLastChgd indicates the
|
|
sysUpTime at the time of the most recent management-initiated change
|
|
to this entry."
|
|
::= { tTlsClientCiphListEntry 2 }
|
|
|
|
tTlsClientCiphListRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsClientCiphListRowStatus specifies the
|
|
status of the conceptual row in tTlsClientCiphListTable.
|
|
|
|
Rows are created and destroyed by SNMP SET operations on this object.
|
|
|
|
Only values 'active(1)', 'createAndGo(4)' and 'destroy(6)' are
|
|
supported."
|
|
::= { tTlsClientCiphListEntry 3 }
|
|
|
|
tTlsClntCiphListParamTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TTlsClntCiphListParamEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsClntCiphListParamTable stores configuration and status
|
|
information related to cipher suite codes which belong to ordered
|
|
lists of cipher suite codes specified by entries in
|
|
tTlsClientCiphListTable."
|
|
::= { tmnxTlsConfigObjs 8 }
|
|
|
|
tTlsClntCiphListParamEntry OBJECT-TYPE
|
|
SYNTAX TTlsClntCiphListParamEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsClntCiphListParamEntry is an entry (conceptual row) in the
|
|
tTlsClntCiphListParamTable. Each entry contains information pertaining
|
|
to a cipher suite code which belongs to a list specified by
|
|
tTlsClientCiphListName.
|
|
|
|
Entries in this table can be created and deleted via SNMP SET
|
|
operations to tTlsClntCiphListParamRowStatus."
|
|
INDEX {
|
|
tTlsClientCiphListName,
|
|
tTlsClntCiphListParamIndex
|
|
}
|
|
::= { tTlsClntCiphListParamTable 1 }
|
|
|
|
TTlsClntCiphListParamEntry ::= SEQUENCE
|
|
{
|
|
tTlsClntCiphListParamIndex Unsigned32,
|
|
tTlsClntCiphListParamLastChgd TimeStamp,
|
|
tTlsClntCiphListParamRowStatus RowStatus,
|
|
tTlsClntCiphListParamSuiteCode TTlsCipherSuiteCode
|
|
}
|
|
|
|
tTlsClntCiphListParamIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..255)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsClntCiphListParamIndex specifies the TLS
|
|
client's order of preference of a cipher suite code within the list
|
|
specified by tTlsClientCiphListName."
|
|
::= { tTlsClntCiphListParamEntry 1 }
|
|
|
|
tTlsClntCiphListParamLastChgd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsClntCiphListParamLastChgd indicates the
|
|
sysUpTime at the time of the most recent management-initiated change
|
|
to this entry."
|
|
::= { tTlsClntCiphListParamEntry 2 }
|
|
|
|
tTlsClntCiphListParamRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsClntCiphListParamRowStatus specifies the
|
|
status of the conceptual row in tTlsClntCiphListParamTable.
|
|
|
|
Rows are created and destroyed by SNMP SET operations on this object.
|
|
|
|
Only values 'active(1)', 'createAndGo(4)' and 'destroy(6)' are
|
|
supported.
|
|
|
|
In order for the row creation to succeed, the value of
|
|
tTlsClntCiphListParamSuiteCode has to be provided in the same SNMP SET
|
|
PDU as the tTlsClntCiphListParamRowStatus.
|
|
|
|
Otherwise the SET request will fail with an 'inconsistentValue' error."
|
|
::= { tTlsClntCiphListParamEntry 3 }
|
|
|
|
tTlsClntCiphListParamSuiteCode OBJECT-TYPE
|
|
SYNTAX TTlsCipherSuiteCode
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsClntCiphListParamSuiteCode specifies the
|
|
cipher suite code related to tTlsClntCiphListParamIndex within the
|
|
list specified by tTlsClientCiphListName.
|
|
|
|
In order for the row creation to succeed, the value of
|
|
tTlsClntCiphListParamSuiteCode has to be provided in the same SNMP SET
|
|
PDU as the tTlsClntCiphListParamRowStatus.
|
|
|
|
Otherwise the SET request will fail with an 'inconsistentValue' error.
|
|
|
|
Cipher suites with Null cipher are no longer supported. These are
|
|
tlsRsaWithNullMd5, tlsRsaWithNullSha and tlsRsaWithNullSha256."
|
|
::= { tTlsClntCiphListParamEntry 4 }
|
|
|
|
tTlsClntProfileTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TTlsClntProfileEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsClntProfileTable stores configuration and status information
|
|
related to TLS client profiles."
|
|
::= { tmnxTlsConfigObjs 9 }
|
|
|
|
tTlsClntProfileEntry OBJECT-TYPE
|
|
SYNTAX TTlsClntProfileEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsClntProfileEntry is an entry (conceptual row) in the
|
|
tTlsClntProfileTable. Each entry contains information pertaining to a
|
|
TLS client profile.
|
|
|
|
Entries in this table can be created and deleted via SNMP SET
|
|
operations to tTlsClntProfileRowStatus."
|
|
INDEX { tTlsClntProfileName }
|
|
::= { tTlsClntProfileTable 1 }
|
|
|
|
TTlsClntProfileEntry ::= SEQUENCE
|
|
{
|
|
tTlsClntProfileName TNamedItem,
|
|
tTlsClntProfileLastChgd TimeStamp,
|
|
tTlsClntProfileRowStatus RowStatus,
|
|
tTlsClntProfileAdminState TmnxAdminState,
|
|
tTlsClntProfileOperState TmnxOperState,
|
|
tTlsClntProfileCiphListName TNamedItemOrEmpty,
|
|
tTlsClntProfileCertProfile TNamedItemOrEmpty,
|
|
tTlsClntProfileTrstAnchrProf TNamedItemOrEmpty
|
|
}
|
|
|
|
tTlsClntProfileName OBJECT-TYPE
|
|
SYNTAX TNamedItem
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsClntProfileName specifies the name for a
|
|
TLS client profile."
|
|
::= { tTlsClntProfileEntry 1 }
|
|
|
|
tTlsClntProfileLastChgd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsClntProfileLastChgd indicates the
|
|
sysUpTime at the time of the most recent management-initiated change
|
|
to this entry."
|
|
::= { tTlsClntProfileEntry 2 }
|
|
|
|
tTlsClntProfileRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsClntProfileRowStatus specifies the status
|
|
of the conceptual row in tTlsClntProfileTable.
|
|
|
|
Rows are created and destroyed by SNMP SET operations on this object.
|
|
|
|
Only values 'active(1)', 'createAndGo(4)' and 'destroy(6)' are
|
|
supported."
|
|
::= { tTlsClntProfileEntry 3 }
|
|
|
|
tTlsClntProfileAdminState OBJECT-TYPE
|
|
SYNTAX TmnxAdminState
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsClntProfileAdminState specifies the
|
|
administrative state of the tTlsClntProfileEntry."
|
|
DEFVAL { outOfService }
|
|
::= { tTlsClntProfileEntry 4 }
|
|
|
|
tTlsClntProfileOperState OBJECT-TYPE
|
|
SYNTAX TmnxOperState
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsClntProfileOperState indicates the
|
|
operational state of tTlsClntProfileEntry."
|
|
::= { tTlsClntProfileEntry 5 }
|
|
|
|
tTlsClntProfileCiphListName OBJECT-TYPE
|
|
SYNTAX TNamedItemOrEmpty
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsClntProfileCiphListName specifies the
|
|
ordered list of supported cipher suite codes associated with this TLS
|
|
client profile."
|
|
DEFVAL { ''H }
|
|
::= { tTlsClntProfileEntry 6 }
|
|
|
|
tTlsClntProfileCertProfile OBJECT-TYPE
|
|
SYNTAX TNamedItemOrEmpty
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsClntProfileCertProfile specifies the
|
|
Certificate Profile associated with this TLS client profile."
|
|
DEFVAL { ''H }
|
|
::= { tTlsClntProfileEntry 7 }
|
|
|
|
tTlsClntProfileTrstAnchrProf OBJECT-TYPE
|
|
SYNTAX TNamedItemOrEmpty
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsClntProfileTrstAnchrProf specifies the
|
|
Certificate-Authority Trust Anchor Profile associated with this TLS
|
|
client profile.
|
|
|
|
An 'inconsistentValue' error is returned if this object is modified
|
|
when tTlsClntProfileAdminState is in 'inService' state."
|
|
DEFVAL { ''H }
|
|
::= { tTlsClntProfileEntry 8 }
|
|
|
|
tTlsServerCiphListTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TTlsServerCiphListEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsServerCiphListTable maintains configuration of ordered lists
|
|
of supported cipher suite codes to be sent in a Server Hello message
|
|
by a TLS server."
|
|
::= { tmnxTlsConfigObjs 10 }
|
|
|
|
tTlsServerCiphListEntry OBJECT-TYPE
|
|
SYNTAX TTlsServerCiphListEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsServerCiphListEntry is an entry (conceptual row) in the
|
|
tTlsServerCiphListTable. Each entry represents the configuration for
|
|
an ordered list of supported cipher suite codes.
|
|
|
|
Entries in this table can be created and deleted via SNMP SET
|
|
operations to tTlsServerCiphListRowStatus."
|
|
INDEX { tTlsServerCiphListName }
|
|
::= { tTlsServerCiphListTable 1 }
|
|
|
|
TTlsServerCiphListEntry ::= SEQUENCE
|
|
{
|
|
tTlsServerCiphListName TNamedItem,
|
|
tTlsServerCiphListLastChgd TimeStamp,
|
|
tTlsServerCiphListRowStatus RowStatus
|
|
}
|
|
|
|
tTlsServerCiphListName OBJECT-TYPE
|
|
SYNTAX TNamedItem
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsServerCiphListName specifies the name of
|
|
an ordered list of supported cipher suite codes for a TLS server."
|
|
::= { tTlsServerCiphListEntry 1 }
|
|
|
|
tTlsServerCiphListLastChgd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsServerCiphListLastChgd indicates the
|
|
sysUpTime at the time of the most recent management-initiated change
|
|
to this entry."
|
|
::= { tTlsServerCiphListEntry 2 }
|
|
|
|
tTlsServerCiphListRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsServerCiphListRowStatus specifies the
|
|
status of the conceptual row in tTlsServerCiphListTable.
|
|
|
|
Rows are created and destroyed by SNMP SET operations on this object.
|
|
|
|
Only values 'active(1)', 'createAndGo(4)' and 'destroy(6)' are
|
|
supported."
|
|
::= { tTlsServerCiphListEntry 3 }
|
|
|
|
tTlsSrvCiphListParamTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TTlsSrvCiphListParamEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsSrvCiphListParamTable stores configuration and status
|
|
information related to cipher suite codes which belong to ordered
|
|
lists of cipher suite codes specified by entries in
|
|
tTlsServerCiphListTable."
|
|
::= { tmnxTlsConfigObjs 11 }
|
|
|
|
tTlsSrvCiphListParamEntry OBJECT-TYPE
|
|
SYNTAX TTlsSrvCiphListParamEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsSrvCiphListParamEntry is an entry (conceptual row) in the
|
|
tTlsSrvCiphListParamTable. Each entry contains information pertaining
|
|
to a cipher suite code which belongs to a list specified by
|
|
tTlsServerCiphListName.
|
|
|
|
Entries in this table can be created and deleted via SNMP SET
|
|
operations to tTlsSrvCiphListParamRowStatus."
|
|
INDEX {
|
|
tTlsServerCiphListName,
|
|
tTlsSrvCiphListParamIndex
|
|
}
|
|
::= { tTlsSrvCiphListParamTable 1 }
|
|
|
|
TTlsSrvCiphListParamEntry ::= SEQUENCE
|
|
{
|
|
tTlsSrvCiphListParamIndex Unsigned32,
|
|
tTlsSrvCiphListParamLastChgd TimeStamp,
|
|
tTlsSrvCiphListParamRowStatus RowStatus,
|
|
tTlsSrvCiphListParamSuiteCode TTlsCipherSuiteCode
|
|
}
|
|
|
|
tTlsSrvCiphListParamIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..255)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsSrvCiphListParamIndex specifies the TLS
|
|
server's order of preference of a cipher suite code within the list
|
|
specified by tTlsServerCiphListName."
|
|
::= { tTlsSrvCiphListParamEntry 1 }
|
|
|
|
tTlsSrvCiphListParamLastChgd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsSrvCiphListParamLastChgd indicates the
|
|
sysUpTime at the time of the most recent management-initiated change
|
|
to this entry."
|
|
::= { tTlsSrvCiphListParamEntry 2 }
|
|
|
|
tTlsSrvCiphListParamRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsSrvCiphListParamRowStatus specifies the
|
|
status of the conceptual row in tTlsSrvCiphListParamTable.
|
|
|
|
Rows are created and destroyed by SNMP SET operations on this object.
|
|
|
|
Only values 'active(1)', 'createAndGo(4)' and 'destroy(6)' are
|
|
supported.
|
|
|
|
In order for the row creation to succeed, the value of
|
|
tTlsSrvCiphListParamSuiteCode has to be provided in the same SNMP SET
|
|
PDU as the tTlsSrvCiphListParamRowStatus.
|
|
|
|
Otherwise the SET request will fail with an 'inconsistentValue' error."
|
|
::= { tTlsSrvCiphListParamEntry 3 }
|
|
|
|
tTlsSrvCiphListParamSuiteCode OBJECT-TYPE
|
|
SYNTAX TTlsCipherSuiteCode
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsSrvCiphListParamSuiteCode specifies the
|
|
cipher suite code related to tTlsSrvCiphListParamIndex within the list
|
|
specified by tTlsServerCiphListName.
|
|
|
|
In order for the row creation to succeed, the value of
|
|
tTlsSrvCiphListParamSuiteCode has to be provided in the same SNMP SET
|
|
PDU as the tTlsSrvCiphListParamRowStatus.
|
|
|
|
Otherwise the SET request will fail with an 'inconsistentValue' error.
|
|
|
|
Cipher suites with Null cipher are no longer supported. These are
|
|
tlsRsaWithNullMd5, tlsRsaWithNullSha and tlsRsaWithNullSha256."
|
|
::= { tTlsSrvCiphListParamEntry 4 }
|
|
|
|
tTlsSrvProfileTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TTlsSrvProfileEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsSrvProfileTable stores configuration and status information
|
|
related to TLS server profiles."
|
|
::= { tmnxTlsConfigObjs 12 }
|
|
|
|
tTlsSrvProfileEntry OBJECT-TYPE
|
|
SYNTAX TTlsSrvProfileEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tTlsSrvProfileEntry is an entry (conceptual row) in the
|
|
tTlsSrvProfileTable. Each entry contains information pertaining to a
|
|
TLS server profile.
|
|
|
|
Entries in this table can be created and deleted via SNMP SET
|
|
operations to tTlsSrvProfileRowStatus."
|
|
INDEX { tTlsSrvProfileName }
|
|
::= { tTlsSrvProfileTable 1 }
|
|
|
|
TTlsSrvProfileEntry ::= SEQUENCE
|
|
{
|
|
tTlsSrvProfileName TNamedItem,
|
|
tTlsSrvProfileLastChgd TimeStamp,
|
|
tTlsSrvProfileRowStatus RowStatus,
|
|
tTlsSrvProfileAdminState TmnxAdminState,
|
|
tTlsSrvProfileOperState TmnxOperState,
|
|
tTlsSrvProfileCiphListName TNamedItemOrEmpty,
|
|
tTlsSrvProfileCertProfile TNamedItemOrEmpty,
|
|
tTlsSrvProfileTrstAnchrProf TNamedItemOrEmpty,
|
|
tTlsSrvProfileReNegotiateTimer Unsigned32,
|
|
tTlsSrvProfileCnListName TNamedItemOrEmpty
|
|
}
|
|
|
|
tTlsSrvProfileName OBJECT-TYPE
|
|
SYNTAX TNamedItem
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsSrvProfileName specifies the name for a
|
|
TLS server profile."
|
|
::= { tTlsSrvProfileEntry 1 }
|
|
|
|
tTlsSrvProfileLastChgd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsSrvProfileLastChgd indicates the sysUpTime
|
|
at the time of the most recent management-initiated change to this
|
|
entry."
|
|
::= { tTlsSrvProfileEntry 2 }
|
|
|
|
tTlsSrvProfileRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsSrvProfileRowStatus specifies the status
|
|
of the conceptual row in tTlsSrvProfileTable.
|
|
|
|
Rows are created and destroyed by SNMP SET operations on this object.
|
|
|
|
Only values 'active(1)', 'createAndGo(4)' and 'destroy(6)' are
|
|
supported."
|
|
::= { tTlsSrvProfileEntry 3 }
|
|
|
|
tTlsSrvProfileAdminState OBJECT-TYPE
|
|
SYNTAX TmnxAdminState
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsSrvProfileAdminState specifies the
|
|
administrative state of the tTlsClntProfileEntry."
|
|
DEFVAL { outOfService }
|
|
::= { tTlsSrvProfileEntry 4 }
|
|
|
|
tTlsSrvProfileOperState OBJECT-TYPE
|
|
SYNTAX TmnxOperState
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsSrvProfileOperState indicates the
|
|
operational state of tTlsSrvProfileEntry."
|
|
::= { tTlsSrvProfileEntry 5 }
|
|
|
|
tTlsSrvProfileCiphListName OBJECT-TYPE
|
|
SYNTAX TNamedItemOrEmpty
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsSrvProfileCiphListName specifies the
|
|
ordered list of supported cipher suite codes associated with this TLS
|
|
server profile."
|
|
DEFVAL { ''H }
|
|
::= { tTlsSrvProfileEntry 6 }
|
|
|
|
tTlsSrvProfileCertProfile OBJECT-TYPE
|
|
SYNTAX TNamedItemOrEmpty
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsSrvProfileCertProfile specifies the
|
|
Certificate Profile associated with this TLS server profile."
|
|
DEFVAL { ''H }
|
|
::= { tTlsSrvProfileEntry 7 }
|
|
|
|
tTlsSrvProfileTrstAnchrProf OBJECT-TYPE
|
|
SYNTAX TNamedItemOrEmpty
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsSrvProfileTrstAnchrProf specifies the
|
|
Certificate-Authority Trust Anchor Profile associated with this TLS
|
|
server profile.
|
|
|
|
An 'inconsistentValue' error is returned if this object is modified
|
|
when tTlsSrvProfileAdminState is in 'inService' state."
|
|
DEFVAL { ''H }
|
|
::= { tTlsSrvProfileEntry 8 }
|
|
|
|
tTlsSrvProfileReNegotiateTimer OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0..65000)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsSrvProfileReNegotiateTimer specifies the
|
|
number of minutes before re-negotiating new secret key used to
|
|
encode/decode packets on secure connection between the server and a
|
|
client."
|
|
DEFVAL { 0 }
|
|
::= { tTlsSrvProfileEntry 9 }
|
|
|
|
tTlsSrvProfileCnListName OBJECT-TYPE
|
|
SYNTAX TNamedItemOrEmpty
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the object tTlsSrvProfileCnListName specifies Common Name
|
|
List associated with this TLS server profile. In Common Name List are
|
|
present the domain names and/or IP addresses of all the clients, which
|
|
are allowed to connect to the server.
|
|
|
|
Domain names and IP addresses are present in a client certificate in
|
|
field 'Common Name' (CN) or in the extension 'Subject Alternative
|
|
Name' (SAN). If CN and none of SANs corresponds to any entry in the CN
|
|
list, client will be not allowed to connect to the TLS server.
|
|
|
|
If no CN list is configured, SR-OS will not take CN or SAN items into
|
|
account during a TLS client authentication."
|
|
DEFVAL { ''H }
|
|
::= { tTlsSrvProfileEntry 10 }
|
|
|
|
tmnxTlsStatistics OBJECT IDENTIFIER ::= { tmnxTlsObjs 3 }
|
|
|
|
tmnxTlsNotifyObjects OBJECT IDENTIFIER ::= { tmnxTlsObjs 10 }
|
|
|
|
tmnxTlsConformance OBJECT IDENTIFIER ::= { tmnxSRConfs 107 }
|
|
|
|
tmnxTlsCompliances OBJECT IDENTIFIER ::= { tmnxTlsConformance 1 }
|
|
|
|
tmnxTlsComplianceV14v1 MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for the management of the TLS protocol on
|
|
Nokia SROS series systems."
|
|
MODULE
|
|
MANDATORY-GROUPS {
|
|
tmnxTlsX509CertMgmtGroup,
|
|
tmnxTlsClientMgmtInitialGroup
|
|
}
|
|
::= { tmnxTlsCompliances 1 }
|
|
|
|
tmnxTlsComplianceV15v0 MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for the management of the TLS protocol on
|
|
Nokia SROS series systems."
|
|
MODULE
|
|
MANDATORY-GROUPS {
|
|
tmnxTlsServerMgmtGroupV15v0
|
|
}
|
|
::= { tmnxTlsCompliances 2 }
|
|
|
|
tmnxTlsGroups OBJECT IDENTIFIER ::= { tmnxTlsConformance 2 }
|
|
|
|
tmnxTlsV14v1Groups OBJECT IDENTIFIER ::= { tmnxTlsGroups 1 }
|
|
|
|
tmnxTlsX509CertMgmtGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
tTlsCertProfileTblLastChgd,
|
|
tTlsCertProfileLastChgd,
|
|
tTlsCertProfileRowStatus,
|
|
tTlsCertProfileAdminState,
|
|
tTlsCertProfileOperState,
|
|
tTlsCertProfileOperFlags,
|
|
tTlsCertProfEntryIdTblLastChgd,
|
|
tTlsCertProfEntryIdLastChgd,
|
|
tTlsCertProfEntryIdRowStatus,
|
|
tTlsCertProfEntryIdCertFile,
|
|
tTlsCertProfEntryIdKeyFile,
|
|
tTlsCertProfEntryIdCompChain,
|
|
tTlsCertProfEntryIdOperFlags,
|
|
tTlsCompChainCAProfName,
|
|
tTlsCertChainCAProfTblLastChgd,
|
|
tTlsCertChainCAProfLastChgd,
|
|
tTlsCertChainCAProfRowStatus,
|
|
tTlsTrustAnchorProfTblLastChgd,
|
|
tTlsTrustAnchorProfLastChgd,
|
|
tTlsTrustAnchorProfRowStatus,
|
|
tTlsTrustAnchorCAProfDown,
|
|
tTlsTrustAnchorsTblLastChgd,
|
|
tTlsTrustAnchorsLastChgd,
|
|
tTlsTrustAnchorsRowStatus
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group of objects supporting the management of X.509 certificates
|
|
on Nokia SROS series systems."
|
|
::= { tmnxTlsV14v1Groups 1 }
|
|
|
|
tmnxTlsClientMgmtInitialGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
tTlsClientCiphListTblLastChgd,
|
|
tTlsClientCiphListLastChgd,
|
|
tTlsClientCiphListRowStatus,
|
|
tTlsClntCiphListParTblLastChgd,
|
|
tTlsClntCiphListParamLastChgd,
|
|
tTlsClntCiphListParamRowStatus,
|
|
tTlsClntCiphListParamSuiteCode,
|
|
tTlsClntProfileTblLastChgd,
|
|
tTlsClntProfileLastChgd,
|
|
tTlsClntProfileRowStatus,
|
|
tTlsClntProfileAdminState,
|
|
tTlsClntProfileOperState,
|
|
tTlsClntProfileCiphListName,
|
|
tTlsClntProfileCertProfile,
|
|
tTlsClntProfileTrstAnchrProf
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group of objects supporting the management of a TLS client on
|
|
Nokia SROS series systems."
|
|
::= { tmnxTlsV14v1Groups 2 }
|
|
|
|
tmnxTlsV15v0Groups OBJECT IDENTIFIER ::= { tmnxTlsGroups 2 }
|
|
|
|
tmnxTlsServerMgmtGroupV15v0 OBJECT-GROUP
|
|
OBJECTS {
|
|
tTlsServerCiphListTblLastChgd,
|
|
tTlsServerCiphListLastChgd,
|
|
tTlsServerCiphListRowStatus,
|
|
tTlsSrvCiphListParTblLastChgd,
|
|
tTlsSrvCiphListParamLastChgd,
|
|
tTlsSrvCiphListParamRowStatus,
|
|
tTlsSrvCiphListParamSuiteCode,
|
|
tTlsSrvProfileTblLastChgd,
|
|
tTlsSrvProfileLastChgd,
|
|
tTlsSrvProfileRowStatus,
|
|
tTlsSrvProfileAdminState,
|
|
tTlsSrvProfileOperState,
|
|
tTlsSrvProfileCiphListName,
|
|
tTlsSrvProfileCertProfile,
|
|
tTlsSrvProfileTrstAnchrProf,
|
|
tTlsSrvProfileReNegotiateTimer,
|
|
tTlsSrvProfileCnListName
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group of objects supporting the management of a TLS server on
|
|
Nokia SROS series systems."
|
|
::= { tmnxTlsV15v0Groups 1 }
|
|
|
|
tmnxTlsNotifyPrefix OBJECT IDENTIFIER ::= { tmnxSRNotifyPrefix 107 }
|
|
|
|
tmnxTlsNotifications OBJECT IDENTIFIER ::= { tmnxTlsNotifyPrefix 0 }
|
|
|
|
END
|