CISCO-PKI-MIB
File:
CISCO-PKI-MIB.mib (24961 bytes)
Imported modules
Imported symbols
Defined Types
CertChainEntry |
|
SEQUENCE |
|
|
|
|
certChainLabel |
DisplayString |
|
|
certSerialNum |
DisplayString |
|
|
certIssuerName |
DisplayString |
|
|
certStartDate |
DisplayString |
|
|
certEndDate |
DisplayString |
|
|
certRemainingLife |
DisplayString |
|
|
certType |
DisplayString |
|
|
certTpLabel |
DisplayString |
|
|
certSubName |
DisplayString |
|
EnrollProfEntry |
|
SEQUENCE |
|
|
|
|
enrollProfLabel |
DisplayString |
|
|
enrolCredentials |
DisplayString |
|
|
authLocation |
DisplayString |
|
|
authMethod |
DisplayString |
|
|
authVrf |
DisplayString |
|
|
authSourceInter |
DisplayString |
|
|
enrolMethod |
DisplayString |
|
|
enrolLocation |
DisplayString |
|
|
enrolVrf |
DisplayString |
|
|
enrolSourceInter |
DisplayString |
|
|
reenrolMethod |
DisplayString |
|
|
reenrolLocation |
DisplayString |
|
|
reenrolVrf |
DisplayString |
|
|
reenrolSourceInter |
DisplayString |
|
PkiTPEntry |
|
SEQUENCE |
|
|
|
|
tpLabel |
DisplayString |
|
|
subjectName |
DisplayString |
|
|
subjectAltName |
DisplayString |
|
|
aaaListInfo |
DisplayString |
|
|
enrollmentConfig |
DisplayString |
|
|
vrfConfig |
DisplayString |
|
|
sourceInter |
DisplayString |
|
|
autoEnroll |
DisplayString |
|
|
keyPairLabel |
DisplayString |
|
|
revocationMethod |
DisplayString |
|
|
hashAlgo |
DisplayString |
|
|
trustpointState |
DisplayString |
|
Defined Values
ciscoPkiMIB |
1.3.6.1.4.1.9.9.854 |
description |
MODULE-IDENTITY |
|
|
|
certChainTable |
1.3.6.1.4.1.9.9.854.2.2.1 |
Please enter the Table Description here. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
CertChainEntry |
|
certChainEntry |
1.3.6.1.4.1.9.9.854.2.2.1.1 |
An entry (conceptual row) in the xxxTable. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
CertChainEntry |
|
|
certChainLabel |
1.3.6.1.4.1.9.9.854.2.2.1.1.1 |
Please enter the object description here |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
certSerialNum |
1.3.6.1.4.1.9.9.854.2.2.1.1.2 |
Please enter the object description here |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
certIssuerName |
1.3.6.1.4.1.9.9.854.2.2.1.1.3 |
Please enter the object description here |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
certStartDate |
1.3.6.1.4.1.9.9.854.2.2.1.1.4 |
Please enter the object description here |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
certEndDate |
1.3.6.1.4.1.9.9.854.2.2.1.1.5 |
Please enter the object description here |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
certType |
1.3.6.1.4.1.9.9.854.2.2.1.1.6 |
Please enter the object description here |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
certRemainingLife |
1.3.6.1.4.1.9.9.854.2.2.1.1.7 |
Please enter the object description here |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
certTpLabel |
1.3.6.1.4.1.9.9.854.2.2.1.1.8 |
Please enter the object description here |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
certSubName |
1.3.6.1.4.1.9.9.854.2.2.1.1.9 |
Please enter the object description here |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
pkiCRLTable |
1.3.6.1.4.1.9.9.854.2.3.1.1 |
Please enter the Table Description here. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
PkiCRLEntry |
|
pkiCRLEntry |
1.3.6.1.4.1.9.9.854.2.3.1.1.1 |
An entry (conceptual row) in the xxxTable. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
PkiCRLEntry |
|
|
crlTpLabel |
1.3.6.1.4.1.9.9.854.2.3.1.1.1.1 |
Unique trustpoint Label |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
issuerName |
1.3.6.1.4.1.9.9.854.2.3.1.1.1.2 |
CRL Issuer name |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..255) |
|
sequenceNumb |
1.3.6.1.4.1.9.9.854.2.3.1.1.1.3 |
Please enter the object description here |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..255) |
|
nextUpdate |
1.3.6.1.4.1.9.9.854.2.3.1.1.1.4 |
Please enter the object description here |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..255) |
|
crlSize |
1.3.6.1.4.1.9.9.854.2.3.1.1.1.5 |
Please enter the object description here |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
0..4294967294 |
|
deltaCRLFlag |
1.3.6.1.4.1.9.9.854.2.3.1.1.1.6 |
This object specifies the storage type for this conceptual row.
The following columnar objects are allowed to be writable
when the storageType of this conceptual row is permanent(4):
(replace with list of columns) |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
pkiOCSPTable |
1.3.6.1.4.1.9.9.854.2.3.2.1 |
Please enter the Table Description here. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
PkiOCSPEntry |
|
pkiOCSPEntry |
1.3.6.1.4.1.9.9.854.2.3.2.1.1 |
An entry (conceptual row) in the xxxTable. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
PkiOCSPEntry |
|
|
ocspTpLabel |
1.3.6.1.4.1.9.9.854.2.3.2.1.1.1 |
Please enter the object description here |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..255) |
|
responderID |
1.3.6.1.4.1.9.9.854.2.3.2.1.1.2 |
An identifier of the responder (DN name or a hash of its key) |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..255) |
|
thisUpdate |
1.3.6.1.4.1.9.9.854.2.3.2.1.1.3 |
The issuing time of the revocation information. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..255) |
|
nexUpdate |
1.3.6.1.4.1.9.9.854.2.3.2.1.1.4 |
The issuing time of the revocation information that will update
that one. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..255) |
|
enrollProfEntry |
1.3.6.1.4.1.9.9.854.2.1.1.1.1 |
An entry (conceptual row) in the xxxTable. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
EnrollProfEntry |
|
|
enrollProfLabel |
1.3.6.1.4.1.9.9.854.2.1.1.1.1.3 |
Unique value to display Enrollment Label.
If enrollment profiles are not present, string size of 0 will
show nothing. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..255) |
|
enrolCredentials |
1.3.6.1.4.1.9.9.854.2.1.1.1.1.4 |
Please enter the object description here |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
authLocation |
1.3.6.1.4.1.9.9.854.2.1.1.1.1.5 |
Please enter the object description here |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
authMethod |
1.3.6.1.4.1.9.9.854.2.1.1.1.1.6 |
Please enter the object description here |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
authVrf |
1.3.6.1.4.1.9.9.854.2.1.1.1.1.7 |
Please enter the object description here |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
authSourceInter |
1.3.6.1.4.1.9.9.854.2.1.1.1.1.8 |
Please enter the object description here |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
enrolMethod |
1.3.6.1.4.1.9.9.854.2.1.1.1.1.9 |
Enrollment method will be displayed which will be used to
authenticate and enroll.
If enrollment method is configured as terminal, this parameter
gives
enrollment terminal
If enrollment method is configured with url, this parameter
returns
enrollment url ip_addresss
If vrf is configured as part of enrollment url, it will be
shown
as part of enrollment url ip_address vrf interface |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..255) |
|
enrolLocation |
1.3.6.1.4.1.9.9.854.2.1.1.1.1.10 |
Please enter the object description here |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
enrolVrf |
1.3.6.1.4.1.9.9.854.2.1.1.1.1.11 |
Please enter the object description here |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
enrolSourceInter |
1.3.6.1.4.1.9.9.854.2.1.1.1.1.12 |
Please enter the object description here |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
reenrolMethod |
1.3.6.1.4.1.9.9.854.2.1.1.1.1.13 |
Please enter the object description here |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
reenrolLocation |
1.3.6.1.4.1.9.9.854.2.1.1.1.1.14 |
Please enter the object description here |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
reenrolVrf |
1.3.6.1.4.1.9.9.854.2.1.1.1.1.15 |
Please enter the object description here |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
pkiTPTable |
1.3.6.1.4.1.9.9.854.2.1.2.1 |
Please enter the Table Description here. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
PkiTPEntry |
|
pkiTPEntry |
1.3.6.1.4.1.9.9.854.2.1.2.1.1 |
An entry (conceptual row) in the xxxTable. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
PkiTPEntry |
|
|
tpLabel |
1.3.6.1.4.1.9.9.854.2.1.2.1.1.1 |
Unique name of Trustpoint Label.
When there is no trustpoint configured, size 0 shows no
trustpoint configured. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..255) |
|
subjectName |
1.3.6.1.4.1.9.9.854.2.1.2.1.1.2 |
Subject name configured under the trustpoint will be returned |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..255) |
|
subjectAltName |
1.3.6.1.4.1.9.9.854.2.1.2.1.1.3 |
subject alternate name configured under the trustpoint which
can be used while generating the csr. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..50) |
|
aaaListInfo |
1.3.6.1.4.1.9.9.854.2.1.2.1.1.4 |
Returns AAA authorization list to be used configured under
trustpoint.
AAA authorization list will be used during peer certificate
validations etc.
In order to access information on AAA list, please check AAA MIB
corresponding to this AAA label. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..50) |
|
enrollmentConfig |
1.3.6.1.4.1.9.9.854.2.1.2.1.1.5 |
Enrollment configuration which is configured under the
trustpoint will be returned. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..255) |
|
vrfConfig |
1.3.6.1.4.1.9.9.854.2.1.2.1.1.6 |
VRF interface configured under trustpoint which can be used for
enrollment and obtaining CRL's |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..50) |
|
sourceInter |
1.3.6.1.4.1.9.9.854.2.1.2.1.1.7 |
source Interface configured under trustpoint. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..50) |
|
autoEnroll |
1.3.6.1.4.1.9.9.854.2.1.2.1.1.8 |
If autoEnroll is configured under the trustpoint, autoEnroll
returns with the percentage configured.
If the percentage is not configured, but auto-enroll is
configured under trustpoint, this parameter return auto-enroll.
If percentage is configured, parameter returns
auto-enroll |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..20) |
|
keyPairLabel |
1.3.6.1.4.1.9.9.854.2.1.2.1.1.10 |
Displays keypairLabel associated to this trustpoint if it is
enrolled.
During authentication, we wont generate the keypair Label. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..255) |
|
revocationMethod |
1.3.6.1.4.1.9.9.854.2.1.2.1.1.11 |
This object displays revocation check configured on the device.
If nothing is configured under the trustpoint, by default
revocation-check crl will be updated. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..50) |
|
hashAlgo |
1.3.6.1.4.1.9.9.854.2.1.2.1.1.12 |
Hash algorithm configured under the trustpoint.
This will be used while selecting the HASH algorithm when CA
server responded with GetCACapabilities list.
Default value is sha1 |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
trustpointState |
1.3.6.1.4.1.9.9.854.2.1.2.1.1.13 |
Trustpoint state displays following
1) Authenticated - Trustpoint is in Authenticated state.
2) Enrolled - Trustpoint is authenticated and enrolled.
Certificate state is granted.
3) Pending - Trustpoint is authenticated but enrollment is in
pending state. This means CA server returned PENDING for the
router certificate.
4) None - Trustpoint is neither authenticated nor enrolled. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..20) |
|
ciscoPkiCertInstallAlert |
1.3.6.1.4.1.9.9.854.1.1 |
When a certificate is installed on the device, notification
will be sent with following information.
a) Certificates Serial number
b) Certificate Issuer-name
c) Certificate Subject name
d) Trustpoint name
e) Type of certificate. (i.e. CA/ID) certificate
f) Certificate Start Date
g) Certificate End Date
Alert will not be sent for RA certificates, trustpool
certificates and self-signed non-persistent certificates. |
Status: current |
Access: read-only |
NOTIFICATION-TYPE |
|
|
|
ciscoPkiCertExpiryAlert |
1.3.6.1.4.1.9.9.854.1.2 |
Certificate Expiry alert consists of following
a) Certificate Serial number
b) Certificate Issuer-name
c) Trustpoint name
d) Type of certificate (i.e. CA/ID/SUBCA/RA)
e) Certificate remaining lifetime in seconds.
f) Certificate subject-name
When a certificate is reaching its expiry on the router, a trap
will be sent to SNMP server at regular intervals starting from
60days to till 1week. From 1week onwards daily one trap will be
sent with
following information
a) Certificate Serial number
b) Certificate Issuer-name
c) Trustpoint name
d) Type of certificate (i.e. CA/ID)
e) Certificate remaining lifetime.
Alert will not be sent if trustpoint is configured with
auto-enroll and corresponding shadow certificate/rollover
certificate is present provided, shadow/rollover certificates
start time is same/behind certificate end time.
If shadow/rollover certificate start time is ahead of
certificate end time, alerts will be continued to send because
shadow certificate wont be valid from certificates expiry
time.
Expiry alerts will not be sent for trustpool certificates. |
Status: current |
Access: read-only |
NOTIFICATION-TYPE |
|
|
|
ciscoPkiMIBCompliance |
1.3.6.1.4.1.9.9.854.3.1.1 |
This is a default module-compliance
containing default object groups. |
Status: current |
Access: read-only |
MODULE-COMPLIANCE |
|
|
|
ciscoPkiMIBMainObjectGroup |
1.3.6.1.4.1.9.9.854.3.2.1 |
The is a test group. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ciscoPkiMIBNotificationGroup |
1.3.6.1.4.1.9.9.854.3.2.2 |
Notification alert group consists of both installation and
expiry notifications. |
Status: current |
Access: read-only |
NOTIFICATION-GROUP |
|
|
|