>> MIB - Management Information Base

>> Table: certTable - (.1.3.6.1.4.1.272.4.26.33.3.1)

Description: A certEntry contains either a peer's certificate, an own certficate or a certificate of a trusted certification authority, depending on the settings of the certFlags field.

certTable
OIDNameTypeAccess
.3IsCAENUMRW
.1IndexINTEGERR
.2DescriptionDisplayStringRW
.4ForceTrustedENUMRW
.7SubjectNameDisplayStringR
.5NoCrlsENUMRW
.6SerialNumberDisplayStringR
.8SubjectAltNamesDisplayStringR
.9IssuerNameDisplayStringR
.10IssuerAltNamesDisplayStringR
.16ValidNotAfterDateR
.15ValidNotBeforeDateR
.25SHA1FingerprintOCTET STRINGR
.13KeyIdOCTET STRINGR
.14PrivateKeyINTEGERR
.24MD5FingerprintOCTET STRINGR
.26SourceENUMR
.12PubKeyInfoDisplayStringR

IsCA
This object specifies how the certificate is treated internally.
Possible Values:
true(1), 	-- A certificate of a trusted root CA
false(2) 	-- An own or peer certificate.
Enumerations:
  • true (1)
  • false (2)
Index
A unique index of this certificate entry.
Description
This object specifies the name of the X.509 Certificate.
ForceTrusted
This object specifies how the certificate is treated internally.
Possible Values:
true(1), 	-- Always trust this certificate without 
-- considering any CAs
false(2) 	-- trust this certificate only, if there 
-- exists a valid trust path from a CA to it 
-- and it is not revoked.
Enumerations:
  • true (1)
  • false (2)
SubjectName
The subject name of the certificate.
NoCrls
This object specifies how the certificate is treated internally.
Possible Values:
true(1), 	-- do not check for certificate revocation 
-- lists for this CA (no meaning for non-CA 
-- certificates)
false(2) 	-- check for certificate revocation 
-- lists for this CA (no meaning for non-CA 
-- certificates).
Enumerations:
  • true (1)
  • false (2)
SerialNumber
This object specifies the serial number of the certificate.
SubjectAltNames
The subject alternative name of the certificate. For IPSec,
this field (not the subject name) is taken by default as the
peer id, if not otherwise specified.
IssuerName
The name of the certificate authority which issued this
certificate.
IssuerAltNames
The alternative names of the certificate authority which issued
this certificate.
ValidNotAfter
The end of the validity period of the certificate (GMT).
ValidNotBefore
The beginning of the validity period of the certificate (GMT).
SHA1Fingerprint
The fingerprint of the certificate computed as an SHA1
hash of the DER encoded binary certificate data.
KeyId
The key id as contained in the extensions of the certificate,
if any.
PrivateKey
The index of the private key from the ipsecPublicKeyTable
corresponding to the public key in this certificate.
If this object is zero, there is no private key available
for this certificate.
MD5Fingerprint
The fingerprint of the certificate computed as an MD5
hash of the DER encoded binary certificate data.
Source
The instance which created this certificate.
Enumerations:
  • config (1)
  • ike (2)
  • ldap (3)
  • http (4)
PubKeyInfo
This string shows the properties of the public key certified
in this certificate. These are the algorithm for which the key
is used and its length.


Copyright ©2003 by BinTec Access Networks GmbH