| Index |
| A unique index of this certificate entry. Dynamically loaded certificates are assigned negative indexes. |
| Description |
| This object specifies the name of the X.509 Certificate. Length: 0 to 255 |
| IsCA |
| This object determines if the entry specifies a globally trusted root certificate. Possible Values: true(1), -- Globally trusted root certificate false(2) -- not globally trusted root certificate. Enumerations: |
| ForceTrusted |
| This object specifies if the certificate is trusted without any further validity check. Possible Values: true(1), -- Disable any validity checks false(2) -- Run validity checks as far as configured -- otherwise. Enumerations: |
| NoCrls |
| This object determines how CRL checking is performed for this certificate. Possible Values: true(1), -- do not check for certificate revocation -- lists for this CA (no meaning for non-CA -- certificates) false(2), -- check for certificate revocation -- lists for this CA (no meaning for non-CA -- certificates) auto(3), -- check for crls only if there is a -- CRLDistributionPoint in the certificate inherit(4), -- inherit from superior ca in chain. Enumerations: - true (1)
- false (2)
- auto (3)
- inherit (4)
|
| SerialNumber |
| This object shows the serial number of the certificate. Length: 0 to 255 |
| SubjectName |
| This object shows the subject name of the certificate. Length: 0 to 255 |
| SubjectAltNames |
| This object shows the subject alternative names of the certificate. Length: 0 to 255 |
| IssuerName |
| This object shows the name of the certificate authority which issued the certificate. Length: 0 to 255 |
| IssuerAltNames |
| This object shows the alternative names of the certificate authority which issued the certificate. Length: 0 to 255 |
| PubKeyInfo |
| This object shows the properties of the public key certified in this certificate. These are the algorithm for which the key is used and its length. Length: 0 to 255 |
| KeyId |
| This object shows the key id as contained in the extensions of the certificate, if any. |
| PrivateKey |
| This object shows the index of the private key from the ipsecPublicKeyTable corresponding to the public key contained in this certificate. If this object is zero, there is no private key available for this certificate. |
| ValidNotBefore |
| This object shows the beginning of the validity period of the certificate (GMT). Range: 0 to -1 |
| ValidNotAfter |
| This object shows the end of the validity period of the certificate (GMT). Range: 0 to -1 |
| KeyUsage |
| This object shows the key usage flags contained in the extensions of the certificate, if any. The flags are: EncipherOnly 0x00000001 CrlSign 0x00000002 KeyCertSign 0x00000004 KeyAgreement 0x00000008 DataEncipherment 0x00000010 KeyEncipherment 0x00000020 NonRepudiation 0x00000040 DigitalSignature 0x00000080 DecipherOnly 0x00010000 Range: 0 to -1 |
| MD5Fingerprint |
| This object shows the fingerprint of the certificate computed as an MD5 hash of the DER encoded binary certificate. Compare this object against an externally retrieved MD5 fingerprint (e.g. published on a CA's web site) to assure the authenticity of the certificate. |
| SHA1Fingerprint |
| This object shows the fingerprint of the certificate computed as an SHA1 hash of the DER encoded binary certificate. Compare this object against an externally retrieved SHA1 fingerprint (e.g. published on a CA's web site) to assure the authenticity of the certificate. |
| Source |
| This object shows the instance which created the certificate. Enumerations: - config (1)
- ike (2)
- ldap (3)
- http (4)
|
| Uptodate |
| The remaining up-to-dateness of the certificate in percent. 0 means certificate is no more valid. 100 means certificate is not yet valid, but will be valid in future. This variable is updated every 24 hours. Range: 0 to 100 |