>> MIB - Management Information Base

>> Table: certTable - (.1.3.6.1.4.1.272.4.26.33.3.1)

Description: A certEntry contains the description of a certificate.

certTable
OIDNameTypeAccess
.3IsCAENUMRW
.2DescriptionDisplayStringRW
.1IndexINTEGERR
.4ForceTrustedENUMRW
.7SubjectNameDisplayStringR
.5NoCrlsENUMRW
.6SerialNumberDisplayStringR
.8SubjectAltNamesDisplayStringR
.9IssuerNameDisplayStringR
.10IssuerAltNamesDisplayStringR
.16ValidNotAfterDateR
.15ValidNotBeforeDateR
.25SHA1FingerprintOCTET STRINGR
.13KeyIdOCTET STRINGR
.26SourceENUMR
.14PrivateKeyINTEGERR
.24MD5FingerprintOCTET STRINGR
.12PubKeyInfoDisplayStringR
.17KeyUsageHexValueR

IsCA
This object determines if the entry specifies a globally 
trusted root certificate.
Possible Values:
true(1), 	-- Globally trusted root certificate
false(2) 	-- not globally trusted root certificate.
Enumerations:
  • true (1)
  • false (2)
Description
This object specifies the name of the X.509 Certificate.
Index
A unique index of this certificate entry.
Dynamically loaded certificates are assigned negative indexes.
ForceTrusted
This object specifies if the certificate is trusted without any
further validity check.
Possible Values:
true(1), 	-- Disable any validity checks
false(2) 	-- Run validity checks as far as configured
-- otherwise.
Enumerations:
  • true (1)
  • false (2)
SubjectName
This object shows the subject name of the certificate.
NoCrls
This object determines how CRL checking is performed 
for this certificate.
Possible Values:
true(1), 	-- do not check for certificate revocation 
-- lists for this CA (no meaning for non-CA 
-- certificates)
false(2), 	-- check for certificate revocation 
-- lists for this CA (no meaning for non-CA 
-- certificates)
auto(3),	-- check for crls only if there is a 
-- CRLDistributionPoint in the certificate
inherit(4),	-- inherit from superior ca in chain.
Enumerations:
  • true (1)
  • false (2)
  • auto (3)
  • inherit (4)
SerialNumber
This object shows the serial number of the certificate.
SubjectAltNames
This object shows the subject alternative names of the 
certificate.
IssuerName
This object shows the name of the certificate authority 
which issued the certificate.
IssuerAltNames
This object shows the alternative names of the certificate
authority which issued the certificate.
ValidNotAfter
This object shows the end of the validity period
of the certificate (GMT).
ValidNotBefore
This object shows the beginning of the validity period
of the certificate (GMT).
SHA1Fingerprint
This object shows the fingerprint of the certificate
computed as an SHA1 hash of the DER encoded binary certificate.
Compare this object against an externally retrieved SHA1
fingerprint (e.g. published on a CA's web site) to assure
the authenticity of the certificate.
KeyId
This object shows the key id as contained in the extensions
of the certificate, if any.
Source
This object shows the instance which created the certificate.
Enumerations:
  • config (1)
  • ike (2)
  • ldap (3)
  • http (4)
PrivateKey
This object shows the index of the private key from the 
ipsecPublicKeyTable corresponding to the public key 
contained in this certificate.
If this object is zero, there is no private key available
for this certificate.
MD5Fingerprint
This object shows the fingerprint of the certificate
computed as an MD5 hash of the DER encoded binary certificate.
Compare this object against an externally retrieved MD5
fingerprint (e.g. published on a CA's web site) to assure
the authenticity of the certificate.
PubKeyInfo
This object shows the properties of the public key 
certified in this certificate. 
These are the algorithm for which the key is used
and its length.
KeyUsage
This object shows the key usage flags contained 
in the extensions of the certificate, if any.
The flags are:
EncipherOnly       0x00000001
CrlSign            0x00000002
KeyCertSign        0x00000004
KeyAgreement       0x00000008
DataEncipherment   0x00000010
KeyEncipherment    0x00000020
NonRepudiation     0x00000040
DigitalSignature   0x00000080
DecipherOnly       0x00010000


MIB Reference to Software Version 7.5.1 generated on 2006/08/03. Provided by webmaster@funkwerk-ec.com
Copyright ©2006 by Funkwerk Enterprise Communications GmbH