Manualshelf

Cisco MDS 9000 Family MIB Quick Reference (OL-18087-01, February 2009)

ManualsBrandsHP ManualsStorageHP SN8000C 6-Slot Supervisor 2A Director Switch
41424344454647484950
Send documentation comments to mdsfeedback-doc@cisco.com
Americas Headquarters:
© <2009> Cisco Systems, Inc. All rights reserved.
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
The identity certificate (if obtained) from the CA.
The corresponding key-pair from the cpkiTrustPointTable that was used for the identity certificate.
The information needed for revocation checking of certificates issued by the CA.
The cpkiRSAKeyPairTable contains an entry for each key-pair that is present in the device.
A key-pair entry from the cpkiRSAKeyPairTable can be associated to an entry in the
cpkiTrustPointTable. A key-pair entry can be associated to multiple cpkiTrustPointTable entries, but a
cpkiTrustPointTable entry is associated with only one key-pair entry.
This MIB supports the certificate work-flow operations used for generating the key-pairs and obtaining
the certificates for them from various CAs. The following are the steps in one typical workflow:
1. Create a trustpoint (an entry in cpkiTrustPointTable) in the device.
2. Authenticate a CA. (This step involves manually verifying the CA certificate or chain fingerprints
and then inputting the CA certificate or chain into the trustpoint.)
3. Generate a key-pair (an entry in cpkiRSAKeyPairTable).
4. Associate the key-pair to the trustpoint.
5. Generate a pkcs#10 Certificate Signing Request (CSR) in the trustpoint.
6. Submit CSR to the CA and get the identity certificate.
7. Input the identity certificate into the trustpoint.
In another typical certificate workflow, the key-pair and the corresponding identity certificate are
allowed to be generated or obtained outside of the device by whatever means and then input to the device
in the pkcs#12 form.
This MIB does not support configuring individual security services such as SSL, SSH, IPsec/IKE to use
particular trustpoints or certificates and key-pairs in them. Instead, the security services certificate usage
configuration is supported in the respective feature MIBs.
CISCO-PORT-CHANNEL-MIB
This MIB manages PortChannel ports in the Cisco MDS 9000 Family. In addition to this MIB,
CISCO-FC-FE-MIB and IF-MIB (RFC 2863) also contain entries for PortChannel ports. PortChannel
refers to the aggregation of multiple physical Fibre Channel ports into one logical port to provide
high-aggregated bandwidth, load balancing, and link redundancy.