Cisco AJ732A - MDS 9134 Fabric Switch Quick Reference Manual page 44
Cisco mds 9000 family mib quick reference (ol-18087-01, february 2009)
Hide thumbs
Also See for AJ732A - Cisco MDS 9134 Fabric Switch:
- Command reference manual (1640 pages) ,
- Configuration manual (700 pages) ,
- Messages manual (518 pages)
Advertisement
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
•
•
•
The cpkiRSAKeyPairTable contains an entry for each key-pair that is present in the device.
A key-pair entry from the cpkiRSAKeyPairTable can be associated to an entry in the
cpkiTrustPointTable. A key-pair entry can be associated to multiple cpkiTrustPointTable entries, but a
cpkiTrustPointTable entry is associated with only one key-pair entry.
This MIB supports the certificate work-flow operations used for generating the key-pairs and obtaining
the certificates for them from various CAs. The following are the steps in one typical workflow:
1.
2.
3.
4.
5.
6.
7.
In another typical certificate workflow, the key-pair and the corresponding identity certificate are
allowed to be generated or obtained outside of the device by whatever means and then input to the device
in the pkcs#12 form.
This MIB does not support configuring individual security services such as SSL, SSH, IPsec/IKE to use
particular trustpoints or certificates and key-pairs in them. Instead, the security services certificate usage
configuration is supported in the respective feature MIBs.
CISCO-PORT-CHANNEL-MIB
This MIB manages PortChannel ports in the Cisco MDS 9000 Family. In addition to this MIB,
CISCO-FC-FE-MIB and IF-MIB (RFC 2863) also contain entries for PortChannel ports. PortChannel
refers to the aggregation of multiple physical Fibre Channel ports into one logical port to provide
high-aggregated bandwidth, load balancing, and link redundancy.
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
© <2009> Cisco Systems, Inc. All rights reserved.
The identity certificate (if obtained) from the CA.
The corresponding key-pair from the cpkiTrustPointTable that was used for the identity certificate.
The information needed for revocation checking of certificates issued by the CA.
Create a trustpoint (an entry in cpkiTrustPointTable) in the device.
Authenticate a CA. (This step involves manually verifying the CA certificate or chain fingerprints
and then inputting the CA certificate or chain into the trustpoint.)
Generate a key-pair (an entry in cpkiRSAKeyPairTable).
Associate the key-pair to the trustpoint.
Generate a pkcs#10 Certificate Signing Request (CSR) in the trustpoint.
Submit CSR to the CA and get the identity certificate.
Input the identity certificate into the trustpoint.
Advertisement
