CISCO-PKI-MIB

File: CISCO-PKI-MIB.mib (24961 bytes)

Imported modules

SNMPv2-SMI SNMPv2-CONF SNMPv2-TC
CISCO-SMI

Imported symbols

MODULE-IDENTITY OBJECT-TYPE Counter32
NOTIFICATION-TYPE Integer32 Unsigned32
MODULE-COMPLIANCE NOTIFICATION-GROUP OBJECT-GROUP
DisplayString TimeInterval ciscoMgmt

Defined Types

CertChainEntry  
SEQUENCE    
  certChainLabel DisplayString
  certSerialNum DisplayString
  certIssuerName DisplayString
  certStartDate DisplayString
  certEndDate DisplayString
  certRemainingLife DisplayString
  certType DisplayString
  certTpLabel DisplayString
  certSubName DisplayString

PkiCRLEntry  
SEQUENCE    
  crlTpLabel DisplayString
  issuerName DisplayString
  sequenceNumb DisplayString
  nextUpdate DisplayString
  crlSize Unsigned32
  deltaCRLFlag Unsigned32

PkiOCSPEntry  
SEQUENCE    
  ocspTpLabel DisplayString
  responderID DisplayString
  thisUpdate DisplayString
  nexUpdate DisplayString

EnrollProfEntry  
SEQUENCE    
  enrollProfLabel DisplayString
  enrolCredentials DisplayString
  authLocation DisplayString
  authMethod DisplayString
  authVrf DisplayString
  authSourceInter DisplayString
  enrolMethod DisplayString
  enrolLocation DisplayString
  enrolVrf DisplayString
  enrolSourceInter DisplayString
  reenrolMethod DisplayString
  reenrolLocation DisplayString
  reenrolVrf DisplayString
  reenrolSourceInter DisplayString

PkiTPEntry  
SEQUENCE    
  tpLabel DisplayString
  subjectName DisplayString
  subjectAltName DisplayString
  aaaListInfo DisplayString
  enrollmentConfig DisplayString
  vrfConfig DisplayString
  sourceInter DisplayString
  autoEnroll DisplayString
  keyPairLabel DisplayString
  revocationMethod DisplayString
  hashAlgo DisplayString
  trustpointState DisplayString

Defined Values

ciscoPkiMIB 1.3.6.1.4.1.9.9.854
description
MODULE-IDENTITY    

ciscoPkiMIBNotifs 1.3.6.1.4.1.9.9.854.1
OBJECT IDENTIFIER    

ciscoPkiMIBObjects 1.3.6.1.4.1.9.9.854.2
OBJECT IDENTIFIER    

ciscoPkiMIBConform 1.3.6.1.4.1.9.9.854.3
OBJECT IDENTIFIER    

ciscoPkiConfiguration 1.3.6.1.4.1.9.9.854.2.1
OBJECT IDENTIFIER    

ciscoPkiCertificates 1.3.6.1.4.1.9.9.854.2.2
OBJECT IDENTIFIER    

ciscoPkiRevocationInfo 1.3.6.1.4.1.9.9.854.2.3
OBJECT IDENTIFIER    

ciscoPkiEnrollmentProfile 1.3.6.1.4.1.9.9.854.2.1.1
OBJECT IDENTIFIER    

ciscoPkiTrustpoints 1.3.6.1.4.1.9.9.854.2.1.2
OBJECT IDENTIFIER    

certChainTable 1.3.6.1.4.1.9.9.854.2.2.1
Please enter the Table Description here.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    CertChainEntry

certChainEntry 1.3.6.1.4.1.9.9.854.2.2.1.1
An entry (conceptual row) in the xxxTable.
Status: current Access: not-accessible
OBJECT-TYPE    
  CertChainEntry  

certChainLabel 1.3.6.1.4.1.9.9.854.2.2.1.1.1
Please enter the object description here
Status: current Access: not-accessible
OBJECT-TYPE    
  DisplayString  

certSerialNum 1.3.6.1.4.1.9.9.854.2.2.1.1.2
Please enter the object description here
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

certIssuerName 1.3.6.1.4.1.9.9.854.2.2.1.1.3
Please enter the object description here
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

certStartDate 1.3.6.1.4.1.9.9.854.2.2.1.1.4
Please enter the object description here
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

certEndDate 1.3.6.1.4.1.9.9.854.2.2.1.1.5
Please enter the object description here
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

certType 1.3.6.1.4.1.9.9.854.2.2.1.1.6
Please enter the object description here
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

certRemainingLife 1.3.6.1.4.1.9.9.854.2.2.1.1.7
Please enter the object description here
Status: current Access: accessible-for-notify
OBJECT-TYPE    
  DisplayString  

certTpLabel 1.3.6.1.4.1.9.9.854.2.2.1.1.8
Please enter the object description here
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

certSubName 1.3.6.1.4.1.9.9.854.2.2.1.1.9
Please enter the object description here
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

ciscoPkiCRLInfo 1.3.6.1.4.1.9.9.854.2.3.1
OBJECT IDENTIFIER    

ciscoPkiOSCPInfo 1.3.6.1.4.1.9.9.854.2.3.2
OBJECT IDENTIFIER    

pkiCRLTable 1.3.6.1.4.1.9.9.854.2.3.1.1
Please enter the Table Description here.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    PkiCRLEntry

pkiCRLEntry 1.3.6.1.4.1.9.9.854.2.3.1.1.1
An entry (conceptual row) in the xxxTable.
Status: current Access: not-accessible
OBJECT-TYPE    
  PkiCRLEntry  

crlTpLabel 1.3.6.1.4.1.9.9.854.2.3.1.1.1.1
Unique trustpoint Label
Status: current Access: not-accessible
OBJECT-TYPE    
  DisplayString  

issuerName 1.3.6.1.4.1.9.9.854.2.3.1.1.1.2
CRL Issuer name
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString Size(0..255)  

sequenceNumb 1.3.6.1.4.1.9.9.854.2.3.1.1.1.3
Please enter the object description here
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString Size(0..255)  

nextUpdate 1.3.6.1.4.1.9.9.854.2.3.1.1.1.4
Please enter the object description here
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString Size(0..255)  

crlSize 1.3.6.1.4.1.9.9.854.2.3.1.1.1.5
Please enter the object description here
Status: current Access: read-only
OBJECT-TYPE    
  Unsigned32 0..4294967294  

deltaCRLFlag 1.3.6.1.4.1.9.9.854.2.3.1.1.1.6
This object specifies the storage type for this conceptual row. The following columnar objects are allowed to be writable when the storageType of this conceptual row is permanent(4): (replace with list of columns)
Status: current Access: read-only
OBJECT-TYPE    
  Unsigned32  

pkiOCSPTable 1.3.6.1.4.1.9.9.854.2.3.2.1
Please enter the Table Description here.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    PkiOCSPEntry

pkiOCSPEntry 1.3.6.1.4.1.9.9.854.2.3.2.1.1
An entry (conceptual row) in the xxxTable.
Status: current Access: not-accessible
OBJECT-TYPE    
  PkiOCSPEntry  

ocspTpLabel 1.3.6.1.4.1.9.9.854.2.3.2.1.1.1
Please enter the object description here
Status: current Access: not-accessible
OBJECT-TYPE    
  DisplayString Size(0..255)  

responderID 1.3.6.1.4.1.9.9.854.2.3.2.1.1.2
An identifier of the responder (DN name or a hash of its key)
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString Size(0..255)  

thisUpdate 1.3.6.1.4.1.9.9.854.2.3.2.1.1.3
The issuing time of the revocation information.
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString Size(0..255)  

nexUpdate 1.3.6.1.4.1.9.9.854.2.3.2.1.1.4
The issuing time of the revocation information that will update that one.
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString Size(0..255)  

ciscoPkiEnrollmentTable 1.3.6.1.4.1.9.9.854.2.1.1.1
Please enter the Table Description here.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    EnrollProfEntry

enrollProfEntry 1.3.6.1.4.1.9.9.854.2.1.1.1.1
An entry (conceptual row) in the xxxTable.
Status: current Access: not-accessible
OBJECT-TYPE    
  EnrollProfEntry  

enrollProfLabel 1.3.6.1.4.1.9.9.854.2.1.1.1.1.3
Unique value to display Enrollment Label. If enrollment profiles are not present, string size of 0 will show nothing.
Status: current Access: not-accessible
OBJECT-TYPE    
  DisplayString Size(0..255)  

enrolCredentials 1.3.6.1.4.1.9.9.854.2.1.1.1.1.4
Please enter the object description here
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

authLocation 1.3.6.1.4.1.9.9.854.2.1.1.1.1.5
Please enter the object description here
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

authMethod 1.3.6.1.4.1.9.9.854.2.1.1.1.1.6
Please enter the object description here
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

authVrf 1.3.6.1.4.1.9.9.854.2.1.1.1.1.7
Please enter the object description here
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

authSourceInter 1.3.6.1.4.1.9.9.854.2.1.1.1.1.8
Please enter the object description here
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

enrolMethod 1.3.6.1.4.1.9.9.854.2.1.1.1.1.9
Enrollment method will be displayed which will be used to authenticate and enroll. If enrollment method is configured as terminal, this parameter gives enrollment terminal If enrollment method is configured with url, this parameter returns enrollment url ip_addresss If vrf is configured as part of enrollment url, it will be shown as part of enrollment url ip_address vrf interface
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString Size(0..255)  

enrolLocation 1.3.6.1.4.1.9.9.854.2.1.1.1.1.10
Please enter the object description here
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

enrolVrf 1.3.6.1.4.1.9.9.854.2.1.1.1.1.11
Please enter the object description here
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

enrolSourceInter 1.3.6.1.4.1.9.9.854.2.1.1.1.1.12
Please enter the object description here
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

reenrolMethod 1.3.6.1.4.1.9.9.854.2.1.1.1.1.13
Please enter the object description here
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

reenrolLocation 1.3.6.1.4.1.9.9.854.2.1.1.1.1.14
Please enter the object description here
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

reenrolVrf 1.3.6.1.4.1.9.9.854.2.1.1.1.1.15
Please enter the object description here
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

reenrolSourceInter 1.3.6.1.4.1.9.9.854.2.1.1.1.1.16
Please enter the object description here
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

pkiTPTable 1.3.6.1.4.1.9.9.854.2.1.2.1
Please enter the Table Description here.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    PkiTPEntry

pkiTPEntry 1.3.6.1.4.1.9.9.854.2.1.2.1.1
An entry (conceptual row) in the xxxTable.
Status: current Access: not-accessible
OBJECT-TYPE    
  PkiTPEntry  

tpLabel 1.3.6.1.4.1.9.9.854.2.1.2.1.1.1
Unique name of Trustpoint Label. When there is no trustpoint configured, size 0 shows no trustpoint configured.
Status: current Access: not-accessible
OBJECT-TYPE    
  DisplayString Size(0..255)  

subjectName 1.3.6.1.4.1.9.9.854.2.1.2.1.1.2
Subject name configured under the trustpoint will be returned
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString Size(0..255)  

subjectAltName 1.3.6.1.4.1.9.9.854.2.1.2.1.1.3
subject alternate name configured under the trustpoint which can be used while generating the csr.
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString Size(0..50)  

aaaListInfo 1.3.6.1.4.1.9.9.854.2.1.2.1.1.4
Returns AAA authorization list to be used configured under trustpoint. AAA authorization list will be used during peer certificate validations etc. In order to access information on AAA list, please check AAA MIB corresponding to this AAA label.
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString Size(0..50)  

enrollmentConfig 1.3.6.1.4.1.9.9.854.2.1.2.1.1.5
Enrollment configuration which is configured under the trustpoint will be returned.
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString Size(0..255)  

vrfConfig 1.3.6.1.4.1.9.9.854.2.1.2.1.1.6
VRF interface configured under trustpoint which can be used for enrollment and obtaining CRL's
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString Size(0..50)  

sourceInter 1.3.6.1.4.1.9.9.854.2.1.2.1.1.7
source Interface configured under trustpoint.
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString Size(0..50)  

autoEnroll 1.3.6.1.4.1.9.9.854.2.1.2.1.1.8
If autoEnroll is configured under the trustpoint, autoEnroll returns with the percentage configured. If the percentage is not configured, but auto-enroll is configured under trustpoint, this parameter return auto-enroll. If percentage is configured, parameter returns auto-enroll
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString Size(0..20)  

keyPairLabel 1.3.6.1.4.1.9.9.854.2.1.2.1.1.10
Displays keypairLabel associated to this trustpoint if it is enrolled. During authentication, we wont generate the keypair Label.
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString Size(0..255)  

revocationMethod 1.3.6.1.4.1.9.9.854.2.1.2.1.1.11
This object displays revocation check configured on the device. If nothing is configured under the trustpoint, by default revocation-check crl will be updated.
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString Size(0..50)  

hashAlgo 1.3.6.1.4.1.9.9.854.2.1.2.1.1.12
Hash algorithm configured under the trustpoint. This will be used while selecting the HASH algorithm when CA server responded with GetCACapabilities list. Default value is sha1
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString  

trustpointState 1.3.6.1.4.1.9.9.854.2.1.2.1.1.13
Trustpoint state displays following 1) Authenticated - Trustpoint is in Authenticated state. 2) Enrolled - Trustpoint is authenticated and enrolled. Certificate state is granted. 3) Pending - Trustpoint is authenticated but enrollment is in pending state. This means CA server returned PENDING for the router certificate. 4) None - Trustpoint is neither authenticated nor enrolled.
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString Size(0..20)  

ciscoPkiCertInstallAlert 1.3.6.1.4.1.9.9.854.1.1
When a certificate is installed on the device, notification will be sent with following information. a) Certificates Serial number b) Certificate Issuer-name c) Certificate Subject name d) Trustpoint name e) Type of certificate. (i.e. CA/ID) certificate f) Certificate Start Date g) Certificate End Date Alert will not be sent for RA certificates, trustpool certificates and self-signed non-persistent certificates.
Status: current Access: read-only
NOTIFICATION-TYPE    

ciscoPkiCertExpiryAlert 1.3.6.1.4.1.9.9.854.1.2
Certificate Expiry alert consists of following a) Certificate Serial number b) Certificate Issuer-name c) Trustpoint name d) Type of certificate (i.e. CA/ID/SUBCA/RA) e) Certificate remaining lifetime in seconds. f) Certificate subject-name When a certificate is reaching its expiry on the router, a trap will be sent to SNMP server at regular intervals starting from 60days to till 1week. From 1week onwards daily one trap will be sent with following information a) Certificate Serial number b) Certificate Issuer-name c) Trustpoint name d) Type of certificate (i.e. CA/ID) e) Certificate remaining lifetime. Alert will not be sent if trustpoint is configured with auto-enroll and corresponding shadow certificate/rollover certificate is present provided, shadow/rollover certificates start time is same/behind certificate end time. If shadow/rollover certificate start time is ahead of certificate end time, alerts will be continued to send because shadow certificate wont be valid from certificates expiry time. Expiry alerts will not be sent for trustpool certificates.
Status: current Access: read-only
NOTIFICATION-TYPE    

ciscoPkiMIBCompliances 1.3.6.1.4.1.9.9.854.3.1
OBJECT IDENTIFIER    

ciscoPkiMIBGroups 1.3.6.1.4.1.9.9.854.3.2
OBJECT IDENTIFIER    

ciscoPkiMIBCompliance 1.3.6.1.4.1.9.9.854.3.1.1
This is a default module-compliance containing default object groups.
Status: current Access: read-only
MODULE-COMPLIANCE    

ciscoPkiMIBMainObjectGroup 1.3.6.1.4.1.9.9.854.3.2.1
The is a test group.
Status: current Access: read-only
OBJECT-GROUP    

ciscoPkiMIBNotificationGroup 1.3.6.1.4.1.9.9.854.3.2.2
Notification alert group consists of both installation and expiry notifications.
Status: current Access: read-only
NOTIFICATION-GROUP