HP Cisco Nexus 5000 Cisco MDS 9000 Family MIB Quick Reference (OL-18087-01, Fe - Page 44

Cisco-port-channel-mib

Get HP Cisco Nexus 5000 - Converged Network Switches PDF manuals and user guides View all HP Cisco Nexus 5000 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 44 highlights

Send documentation comments to [email protected] • The identity certificate (if obtained) from the CA. • The corresponding key-pair from the cpkiTrustPointTable that was used for the identity certificate. • The information needed for revocation checking of certificates issued by the CA. The cpkiRSAKeyPairTable contains an entry for each key-pair that is present in the device. A key-pair entry from the cpkiRSAKeyPairTable can be associated to an entry in the cpkiTrustPointTable. A key-pair entry can be associated to multiple cpkiTrustPointTable entries, but a cpkiTrustPointTable entry is associated with only one key-pair entry. This MIB supports the certificate work-flow operations used for generating the key-pairs and obtaining the certificates for them from various CAs. The following are the steps in one typical workflow: 1. Create a trustpoint (an entry in cpkiTrustPointTable) in the device. 2. Authenticate a CA. (This step involves manually verifying the CA certificate or chain fingerprints and then inputting the CA certificate or chain into the trustpoint.) 3. Generate a key-pair (an entry in cpkiRSAKeyPairTable). 4. Associate the key-pair to the trustpoint. 5. Generate a pkcs#10 Certificate Signing Request (CSR) in the trustpoint. 6. Submit CSR to the CA and get the identity certificate. 7. Input the identity certificate into the trustpoint. In another typical certificate workflow, the key-pair and the corresponding identity certificate are allowed to be generated or obtained outside of the device by whatever means and then input to the device in the pkcs#12 form. This MIB does not support configuring individual security services such as SSL, SSH, IPsec/IKE to use particular trustpoints or certificates and key-pairs in them. Instead, the security services certificate usage configuration is supported in the respective feature MIBs. CISCO-PORT-CHANNEL-MIB This MIB manages PortChannel ports in the Cisco MDS 9000 Family. In addition to this MIB, CISCO-FC-FE-MIB and IF-MIB (RFC 2863) also contain entries for PortChannel ports. PortChannel refers to the aggregation of multiple physical Fibre Channel ports into one logical port to provide high-aggregated bandwidth, load balancing, and link redundancy. Americas Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA © Cisco Systems, Inc. All rights reserved.

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
Send documentation comments to [email protected]
Americas Headquarters:
© <2009> Cisco Systems, Inc. All rights reserved.
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706
USA
The identity certificate (if obtained) from the CA.
The corresponding key-pair from the cpkiTrustPointTable that was used for the identity certificate.
The information needed for revocation checking of certificates issued by the CA.
The cpkiRSAKeyPairTable contains an entry for each key-pair that is present in the device.
A key-pair entry from the cpkiRSAKeyPairTable can be associated to an entry in the
cpkiTrustPointTable. A key-pair entry can be associated to multiple cpkiTrustPointTable entries, but a
cpkiTrustPointTable entry is associated with only one key-pair entry.
This MIB supports the certificate work-flow operations used for generating the key-pairs and obtaining
the certificates for them from various CAs. The following are the steps in one typical workflow:
1.
Create a trustpoint (an entry in cpkiTrustPointTable) in the device.
2.
Authenticate a CA. (This step involves manually verifying the CA certificate or chain fingerprints
and then inputting the CA certificate or chain into the trustpoint.)
3.
Generate a key-pair (an entry in cpkiRSAKeyPairTable).
4.
Associate the key-pair to the trustpoint.
5.
Generate a pkcs#10 Certificate Signing Request (CSR) in the trustpoint.
6.
Submit CSR to the CA and get the identity certificate.
7.
Input the identity certificate into the trustpoint.
In another typical certificate workflow, the key-pair and the corresponding identity certificate are
allowed to be generated or obtained outside of the device by whatever means and then input to the device
in the pkcs#12 form.
This MIB does not support configuring individual security services such as SSL, SSH, IPsec/IKE to use
particular trustpoints or certificates and key-pairs in them. Instead, the security services certificate usage
configuration is supported in the respective feature MIBs.
CISCO-PORT-CHANNEL-MIB
This MIB manages PortChannel ports in the Cisco MDS 9000 Family. In addition to this MIB,
CISCO-FC-FE-MIB and IF-MIB (RFC 2863) also contain entries for PortChannel ports. PortChannel
refers to the aggregation of multiple physical Fibre Channel ports into one logical port to provide
high-aggregated bandwidth, load balancing, and link redundancy.