FEC-CERT-MIB Table View
Table-centric layout grouping table, row, and column objects.
Tables
5
Rows
5
Columns
62
ipsecPublicKeyTable
table.0.2
·
1 row entry
·
6 columns
This table contains the list of public key pairs and ID's used with IPSec.
This object contains a key pair for a certain public key
algorithm and the ids used together with this key.
algorithm and the ids used together with this key.
Indexes
ipsecPubKeyAlgorithm ipsecPubKeyKeyLength
| Column | Syntax | OID | ||||||
|---|---|---|---|---|---|---|---|---|
|
ipsecPubKeyIndex
A unique index for this entry.
|
Integer32 Textual Convention: COPS-PR-SPPIInteger32 Integer32Type Constraints: range: -2147483648..2147483647 |
.0.2.1.1 |
||||||
|
ipsecPubKeyDescription
An optional description for this key.
|
SNMPv2-TCDisplayStringr/w Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.0.2.1.2 |
||||||
|
ipsecPubKeyAlgorithm
This object specifies the algorithm for which the key is used.
Possible values: rsa(2), -- The RSA encryption algorithm dsa(3), -- The digital signature algorithm delete(15) -- Mark this entry for deletion. |
Enumerationr/w Enumerated Values:
|
.0.2.1.3 |
||||||
|
ipsecPubKeyKeyLength
The size of the public and private keys in bits.
|
bitsInteger32r/w Textual Convention: COPS-PR-SPPIInteger32 Integer32Type Constraints: range: -2147483648..2147483647 |
.0.2.1.4 |
||||||
|
ipsecPubKeyPublicExponent
The RSA public exponent of the key. (undefined for DSA)
|
Integer32r/w Textual Convention: COPS-PR-SPPIInteger32 Integer32Type Constraints: range: -2147483648..2147483647 |
.0.2.1.5 |
||||||
|
ipsecPubKeyState
This object specifies the state of the Key.
Possible values: generating(1), -- Key generation is in progress complete(2), -- Key generation is complete error(3) -- Key generation terminated with an error. |
Enumeration Enumerated Values:
|
.0.2.1.6 |
certServerTable
table.0.33.2
·
1 row entry
·
4 columns
The certServerTable contains the list of certificate servers used for certificate and crl requests.
A certificate server entry defines the name of a certificate
server together with the protocols used to access it.
server together with the protocols used to access it.
Indexes
certServerPreference
| Column | Syntax | OID | ||||
|---|---|---|---|---|---|---|
|
certServerName
This object specifies the name of a certificate server.
|
SNMPv2-TCDisplayStringr/w Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.0.33.2.1.1 |
||||
|
certServerUrl
This object specifies the url used for accessing the
certificate server. Syntax: [<scheme>:][//[<user>[:<password>]@]<host>[:<port>]]/[<path>] example: ldap://myname:mypass@ldap.ca.com:389/ . |
SNMPv2-TCDisplayStringr/w Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.0.33.2.1.2 |
||||
|
certServerPreference
This object specifies the preference of this server
with respect to the others. Servers with lower priority are accessed prior to others. |
Integer32r/w Textual Convention: COPS-PR-SPPIInteger32 Integer32Type Constraints: range: -2147483648..2147483647 |
.0.33.2.1.3 |
||||
|
certServerType
This object specifies the type of the entry and is used to
delete it. |
Enumerationr/w Enumerated Values:
|
.0.33.2.1.4 |
certTable
table.0.33.3
·
1 row entry
·
20 columns
The certTable contains the list of certificates known to the system. This includes own certificates, peer certificates, root CA certificates and intermediate CA certificates, dynamically loaded as well as manually configured.
A certEntry contains the description of a certificate.
Indexes
certIndex
| Column | Syntax | OID | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
certIndex
A unique index of this certificate entry.
Dynamically loaded certificates are assigned negative indexes. |
Integer32 Textual Convention: COPS-PR-SPPIInteger32 Integer32Type Constraints: range: -2147483648..2147483647 |
.0.33.3.1.1 |
||||||||
|
certDescription
This object specifies the name of the X.509 Certificate.
|
SNMPv2-TCDisplayStringr/w Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.0.33.3.1.2 |
||||||||
|
certIsCA
This object determines if the entry specifies a globally
trusted root certificate. Possible Values: true(1), -- Globally trusted root certificate false(2) -- not globally trusted root certificate. |
Enumerationr/w Enumerated Values:
|
.0.33.3.1.3 |
||||||||
|
certForceTrusted
This object specifies if the certificate is trusted without any
further validity check. Possible Values: true(1), -- Disable any validity checks false(2) -- Run validity checks as far as configured -- otherwise. |
Enumerationr/w Enumerated Values:
|
.0.33.3.1.4 |
||||||||
|
certNoCrls
This object determines how CRL checking is performed
for this certificate. Possible Values: true(1), -- do not check for certificate revocation -- lists for this CA (no meaning for non-CA -- certificates) f… |
Enumerationr/w Enumerated Values:
|
.0.33.3.1.5 |
||||||||
|
certSerialNumber
This object shows the serial number of the certificate.
|
SNMPv2-TCDisplayString Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.0.33.3.1.6 |
||||||||
|
certSubjectName
This object shows the subject name of the certificate.
|
SNMPv2-TCDisplayString Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.0.33.3.1.7 |
||||||||
|
certSubjectAltNames
This object shows the subject alternative names of the
certificate. |
SNMPv2-TCDisplayString Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.0.33.3.1.8 |
||||||||
|
certIssuerName
This object shows the name of the certificate authority
which issued the certificate. |
SNMPv2-TCDisplayString Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.0.33.3.1.9 |
||||||||
|
certIssuerAltNames
This object shows the alternative names of the certificate
authority which issued the certificate. |
SNMPv2-TCDisplayString Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.0.33.3.1.10 |
||||||||
|
certPubKeyInfo
This object shows the properties of the public key
certified in this certificate. These are the algorithm for which the key is used and its length. |
SNMPv2-TCDisplayString Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.0.33.3.1.12 |
||||||||
|
certKeyId
This object shows the key id as contained in the extensions
of the certificate, if any. |
OctetString | .0.33.3.1.13 |
||||||||
|
certPrivateKey
This object shows the index of the private key from the
ipsecPublicKeyTable corresponding to the public key contained in this certificate. If this object is zero, there is no private key available for this certificate. |
Integer32 Textual Convention: COPS-PR-SPPIInteger32 Integer32Type Constraints: range: -2147483648..2147483647 |
.0.33.3.1.14 |
||||||||
|
certValidNotBefore
This object shows the beginning of the validity period
of the certificate (GMT). |
.0.33.3.1.15 |
|||||||||
|
certValidNotAfter
This object shows the end of the validity period
of the certificate (GMT). |
.0.33.3.1.16 |
|||||||||
|
certKeyUsage
This object shows the key usage flags contained
in the extensions of the certificate, if any. The flags are: EncipherOnly 0x00000001 CrlSign 0x00000002 KeyCertSign 0x00000004 KeyAgreement … |
.0.33.3.1.17 |
|||||||||
|
certMD5Fingerprint
This object shows the fingerprint of the certificate
computed as an MD5 hash of the DER encoded binary certificate. Compare this object against an externally retrieved MD5 fingerprint (e.g. published on a CA's web site)… |
OctetString | .0.33.3.1.24 |
||||||||
|
certSHA1Fingerprint
This object shows the fingerprint of the certificate
computed as an SHA1 hash of the DER encoded binary certificate. Compare this object against an externally retrieved SHA1 fingerprint (e.g. published on a CA's web sit… |
OctetString | .0.33.3.1.25 |
||||||||
|
certSource
This object shows the instance which created the certificate.
|
Enumeration Enumerated Values:
|
.0.33.3.1.26 |
||||||||
|
certUptodate
The remaining up-to-dateness of the certificate in percent.
0 means certificate is no more valid. 100 means certificate is not yet valid, but will be valid in future. This variable is updated every 24 hours. |
Integer32 Constraints: range: 0-100 |
.0.33.3.1.27 |
certRevListTable
table.0.33.6
·
1 row entry
·
9 columns
The certRevListTable contains the dynamic list of certificate revocation lists currently cached by the system.
This object describes a certificate revocation list (CRL)
currently in the systems dynamic CRL cache.
currently in the systems dynamic CRL cache.
Indexes
certRevListIndex
| Column | Syntax | OID | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
certRevListIndex
A unique index of this CRL.
|
Integer32 Textual Convention: COPS-PR-SPPIInteger32 Integer32Type Constraints: range: -2147483648..2147483647 |
.0.33.6.1.1 |
||||||||
|
certRevListDescription
This object specifies the name of the certificate
revocation list. |
SNMPv2-TCDisplayStringr/w Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.0.33.6.1.2 |
||||||||
|
certRevListIssuerName
The name of the certificate authority which issued this CRL.
|
SNMPv2-TCDisplayString Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.0.33.6.1.3 |
||||||||
|
certRevListIssuerAltNames
The alternative names of the certificate authority which issued
this CRL. |
SNMPv2-TCDisplayString Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.0.33.6.1.4 |
||||||||
|
certRevListSerialNumber
The serial number of the CRL.
|
SNMPv2-TCDisplayString Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.0.33.6.1.5 |
||||||||
|
certRevListNumCerts
The number of certificates contained in the CRL defined by this
entry. |
Integer32 Textual Convention: COPS-PR-SPPIInteger32 Integer32Type Constraints: range: -2147483648..2147483647 |
.0.33.6.1.7 |
||||||||
|
certRevListSource
The instance which created this crl.
|
Enumeration Enumerated Values:
|
.0.33.6.1.8 |
||||||||
|
certRevListThisUpdate
The beginning of the validity period of CRL (GMT).
|
.0.33.6.1.9 |
|||||||||
|
certRevListNextUpdate
The end of the validity period of the CRL (GMT).
|
.0.33.6.1.10 |
certMgmtTable
table.0.33.7
·
1 row entry
·
23 columns
The certMgmtTable provides MIB access to the machines certificate management functions. These are certificate download/upload, creation ofd certificate requests and automatic certificate enrollment.
This object specifies a task in the systems certMgmtTable.
The system automatically deletes all tasks which have been
finished except the most recent one.
The system automatically deletes all tasks which have been
finished except the most recent one.
Indexes
certMgmtCommand
| Column | Syntax | OID | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
certMgmtIndex
A unique index for this entry.
|
Integer32 Textual Convention: COPS-PR-SPPIInteger32 Integer32Type Constraints: range: -2147483648..2147483647 |
.0.33.7.1.1 |
||||||||||||
|
certMgmtCommand
The task to perform for this entry.
Possible values: getca-scep(1), -- Retrieve CA certificate via SCEP enroll-scep(2), -- Enroll using SCEP enroll-manual(3), -- Do a manual enrollment delete(8) -- Cancel the task … |
Enumerationr/w Enumerated Values:
|
.0.33.7.1.2 |
||||||||||||
|
certMgmtUrl
The url to access for the task.
|
SNMPv2-TCDisplayStringr/w Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.0.33.7.1.3 |
||||||||||||
|
certMgmtCertName
The name of the resulting certificate (for certificate
retrieval tasks) or the name of the certificate to use (for certificate export tasks. |
SNMPv2-TCDisplayStringr/w Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.0.33.7.1.4 |
||||||||||||
|
certMgmtSubjectName
The subject name to include into the certificate request.
|
SNMPv2-TCDisplayStringr/w Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.0.33.7.1.5 |
||||||||||||
|
certMgmtSubjectAltName
The subject alternative name to include into the certificate
request (optional). |
SNMPv2-TCDisplayStringr/w Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.0.33.7.1.6 |
||||||||||||
|
certMgmtSubjectAltName2
A second subject alternative name (optional).
|
SNMPv2-TCDisplayStringr/w Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.0.33.7.1.7 |
||||||||||||
|
certMgmtSubjectAltName3
A third subject alternative name (optional).
|
SNMPv2-TCDisplayStringr/w Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.0.33.7.1.8 |
||||||||||||
|
certMgmtKeyIndex
The index of the key in the ipsecPublicKeyTable to use for
certificate enrollment. |
Integer32r/w Textual Convention: COPS-PR-SPPIInteger32 Integer32Type Constraints: range: -2147483648..2147483647 |
.0.33.7.1.9 |
||||||||||||
|
certMgmtCaCertIndex
The index of the CA certificate to use (from the certTable).
|
Integer32r/w Textual Convention: COPS-PR-SPPIInteger32 Integer32Type Constraints: range: -2147483648..2147483647 |
.0.33.7.1.10 |
||||||||||||
|
certMgmtCaDomain
The domain for which the CA certificate is to be received
(getca_scep command only). |
SNMPv2-TCDisplayStringr/w Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.0.33.7.1.11 |
||||||||||||
|
certMgmtPassword
The password (SCEP: challenge password, CMP: <ref-no>:<psk>.
|
SNMPv2-TCDisplayStringr/w Textual Convention: SNMPv2-TCDisplayString OctetStringType Constraints: range: 0..255 |
.0.33.7.1.12 |
||||||||||||
|
certMgmtAutoSave
Determines if pending requests should be saved permanently
after each try and results should be saved permanently after finish. |
Enumerationr/w Enumerated Values:
|
.0.33.7.1.13 |
||||||||||||
|
certMgmtPollInterval
The interval (in seconds) between polls.
|
Integer32r/w Constraints: range: 5-86400 |
.0.33.7.1.14 |
||||||||||||
|
certMgmtMaxPolls
The maximum number of polls performed. A value of -1 means
forever, a value of 0 disables polling, i.e. the task is cancelled if the initial result is delayed. |
Integer32r/w Constraints: range: -1-32767 |
.0.33.7.1.15 |
||||||||||||
|
certMgmtNumPolls
The number of polls already performed.
|
Integer32 Textual Convention: COPS-PR-SPPIInteger32 Integer32Type Constraints: range: -2147483648..2147483647 |
.0.33.7.1.16 |
||||||||||||
|
certMgmtState
The state of the task specified by this entry.
|
Enumeration Enumerated Values:
|
.0.33.7.1.17 |
||||||||||||
|
certMgmtRaSignCertIndex
The index of the Registration Authority's (RA) certificate to
use for signing purposes (from the certTable). |
Integer32r/w Textual Convention: COPS-PR-SPPIInteger32 Integer32Type Constraints: range: -2147483648..2147483647 |
.0.33.7.1.18 |
||||||||||||
|
certMgmtRaEncryptCertIndex
The index of the Registration Authority's (RA) certificate to
use for encryption purposes (from the certTable). |
Integer32r/w Textual Convention: COPS-PR-SPPIInteger32 Integer32Type Constraints: range: -2147483648..2147483647 |
.0.33.7.1.19 |
||||||||||||
|
certMgmtKeyLength
The key length in bits used in requests for certificate enrollment.
|
Integer32r/w Textual Convention: COPS-PR-SPPIInteger32 Integer32Type Constraints: range: -2147483648..2147483647 |
.0.33.7.1.20 |
||||||||||||
|
certMgmtCaFingerprint
This object holds the fingerprint of the CA certificate
computed as an SHA1 or MD5 hash. This object is compared against an externally retrieved SHA1 / MD5 fingerprint (e.g. published on a CA's web site) to assure the a… |
OctetStringr/w | .0.33.7.1.21 |
||||||||||||
|
certMgmtNoCrls
This object determines how CRL checking is set for
certificates retrieved during certificate enrollment. Possible Values: true(1), -- do not check for certificate revocation -- lists for this CA (no meaning for n… |
Enumerationr/w Enumerated Values:
|
.0.33.7.1.22 |
||||||||||||
|
certMgmtAction
Flag whether certificate management task is waiting or
starts immediately. Use this flag to create complex tasks in multiple steps: First create task with certMgmtAction set to 'wait'. After task is completely build, se… |
Enumerationr/w Enumerated Values:
|
.0.33.7.1.23 |