IsCA |
This object determines if the entry specifies a globally
trusted root certificate.
Possible Values:
true(1), -- Globally trusted root certificate
false(2) -- not globally trusted root certificate. Enumerations: |
Description |
This object specifies the name of the X.509 Certificate. |
Index |
A unique index of this certificate entry.
Dynamically loaded certificates are assigned negative indexes. |
ForceTrusted |
This object specifies if the certificate is trusted without any
further validity check.
Possible Values:
true(1), -- Disable any validity checks
false(2) -- Run validity checks as far as configured
-- otherwise. Enumerations: |
SubjectName |
This object shows the subject name of the certificate. |
NoCrls |
This object determines how CRL checking is performed
for this certificate.
Possible Values:
true(1), -- do not check for certificate revocation
-- lists for this CA (no meaning for non-CA
-- certificates)
false(2), -- check for certificate revocation
-- lists for this CA (no meaning for non-CA
-- certificates)
auto(3), -- check for crls only if there is a
-- CRLDistributionPoint in the certificate
inherit(4), -- inherit from superior ca in chain. Enumerations: - true (1)
- false (2)
- auto (3)
- inherit (4)
|
SerialNumber |
This object shows the serial number of the certificate. |
SubjectAltNames |
This object shows the subject alternative names of the
certificate. |
IssuerName |
This object shows the name of the certificate authority
which issued the certificate. |
IssuerAltNames |
This object shows the alternative names of the certificate
authority which issued the certificate. |
ValidNotAfter |
This object shows the end of the validity period
of the certificate (GMT). |
ValidNotBefore |
This object shows the beginning of the validity period
of the certificate (GMT). |
SHA1Fingerprint |
This object shows the fingerprint of the certificate
computed as an SHA1 hash of the DER encoded binary certificate.
Compare this object against an externally retrieved SHA1
fingerprint (e.g. published on a CA's web site) to assure
the authenticity of the certificate. |
KeyId |
This object shows the key id as contained in the extensions
of the certificate, if any. |
Source |
This object shows the instance which created the certificate. Enumerations: - config (1)
- ike (2)
- ldap (3)
- http (4)
|
PrivateKey |
This object shows the index of the private key from the
ipsecPublicKeyTable corresponding to the public key
contained in this certificate.
If this object is zero, there is no private key available
for this certificate. |
MD5Fingerprint |
This object shows the fingerprint of the certificate
computed as an MD5 hash of the DER encoded binary certificate.
Compare this object against an externally retrieved MD5
fingerprint (e.g. published on a CA's web site) to assure
the authenticity of the certificate. |
PubKeyInfo |
This object shows the properties of the public key
certified in this certificate.
These are the algorithm for which the key is used
and its length. |
KeyUsage |
This object shows the key usage flags contained
in the extensions of the certificate, if any.
The flags are:
EncipherOnly 0x00000001
CrlSign 0x00000002
KeyCertSign 0x00000004
KeyAgreement 0x00000008
DataEncipherment 0x00000010
KeyEncipherment 0x00000020
NonRepudiation 0x00000040
DigitalSignature 0x00000080
DecipherOnly 0x00010000 |