This module contains a collection of yang definitions for PKI operational data. Copyright (c) 2018-2020 by Cisco Systems, Inc. A...
Version: 2021-03-01
module Cisco-IOS-XE-crypto-pki-oper { yang-version 1; namespace "http://cisco.com/ns/yang/Cisco-IOS-XE-crypto-pki-oper"; prefix crypto-pki-ios-xe-oper; import ietf-yang-types { prefix yang; } import cisco-semver { prefix cisco-semver; } organization "Cisco Systems, Inc."; contact "Cisco Systems, Inc. Customer Service Postal: 170 W Tasman Drive San Jose, CA 95134 Tel: +1 1800 553-NETS E-mail: cs-yang@cisco.com"; description "This module contains a collection of yang definitions for PKI operational data. Copyright (c) 2018-2020 by Cisco Systems, Inc. All rights reserved."; revision "2021-03-01" { description "Updated certificate related fields and counters"; reference "1.3.0"; } revision "2019-11-01" { description "Updated trustpoint status flags"; reference "1.2.0"; } revision "2019-05-01" { description "Added semantic version"; reference "1.1.0"; } revision "2018-12-03" { description "Initial revision"; reference "1.0.0"; } cisco-semver:module-version "1.3.0"; cisco-semver:module-version "1.2.0"; cisco-semver:module-version "1.1.0"; cisco-semver:module-version "1.0.0"; typedef crypto-pki-tp-mode { type enumeration { enum "crypto-pki-mode-none" { value 0; description "Normal Trustpoint"; } enum "crypto-pki-mode-ra" { value 1; description "Registration Authority mode Trustpoint"; } enum "crypto-pki-mode-subcs" { value 2; description "Subordinate Certificate Server mode Trustpoint"; } } description "Trustpoint mode whether it is RA or SUBCS or neither."; } typedef crypto-pki-cert-avail { type enumeration { enum "crypto-pki-cert-not-available" { value 0; description "Certificate Not Available"; } enum "crypto-pki-cert-available" { value 1; description "Certificate Available"; } } description "Certificate availability."; } typedef crypto-pki-cert-usage { type enumeration { enum "crypto-pki-cert-usage-unset" { value 0; description "Certificate usage not set."; } enum "crypto-pki-cert-usage-signature" { value 1; description "Certificate usage is for signature"; } enum "crypto-pki-cert-usage-encryption" { value 2; description "Certificate usage is for encryption"; } enum "crypto-pki-cert-usage-usage-keys" { value 3; description "Certificate type usage keys"; } enum "crypto-pki-cert-general-purpose" { value 4; description "Certificate usage is general purpose"; } } description "Trustpoint certificate usage"; } typedef crypto-pki-cert-key-type { type enumeration { enum "crypto-pki-cert-key-none" { value 0; description "Key type not set"; } enum "crypto-pki-cert-key-rsa" { value 1; description "Key type is RSA"; } enum "crypto-pki-cert-key-ec" { value 2; description "Key type is elliptic curve"; } } description "Trustpoint certificate key type"; } typedef crypto-pki-key-export { type enumeration { enum "crypto-pki-key-not-exportable" { value 0; description "Keys are not exportable"; } enum "crypto-pki-key-exportable" { value 1; description "Keys are exportable"; } } description "Trustpoint key exportable field"; } grouping crypto-pki-cert-asc-tp { description "Associated trustpoint with certificate"; leaf tp-name { type string; description "Trustpoint name"; } } // grouping crypto-pki-cert-asc-tp grouping crypto-pki-cert-data { description "crypto pki certificate data"; leaf cert-avail { type crypto-pki-cert-avail; description "Availability of certificate"; } leaf cert-usage { type crypto-pki-cert-usage; description "Usage of certificate"; } leaf cert-key-type { type crypto-pki-cert-key-type; description "Key type of certificate"; } leaf serial-number { type string; description "Serial number of certificate"; } leaf subject-name { type string; description "Subject name of certificate"; } leaf issuer-name { type string; description "Issuer name of certificate"; } leaf storage { type string; description "Filename where the certificate content is stored on the device"; } leaf md5-fp { type string; description "MD5 fingerprint of certificate"; } leaf validity-start { type yang:date-and-time; description "The certificate validity start time"; } leaf validity-end { type yang:date-and-time; description "Expiry time of certificate"; } list asc-tp { description "Associated trust points of certificate"; uses crypto-pki-ios-xe-oper:crypto-pki-cert-asc-tp; } // list asc-tp } // grouping crypto-pki-cert-data grouping crypto-pki-data { description "crypto pki data"; leaf label { type string; description "Trustpoint label or name"; } leaf mode { type crypto-pki-tp-mode; description "Trustpoint mode"; } leaf tp-authenticated { type boolean; description "Set to true if trustpoint is authenticated, false otherwise"; } leaf tp-keys-generated { type boolean; description "Set to true if keys are generated, false otherwise"; } leaf tp-enrolled { type boolean; description "Set to true if trustpoint is enrolled, false otherwise"; } leaf tp-scep-enrollment-in-progress { type boolean; description "Set to true if SCEP enrollment is in progress, false otherwise"; } leaf key-export { type crypto-pki-key-export; description "Set to true if trust point key is exportable"; } list cert { description "List of Certificates associated with this trustpoint"; uses crypto-pki-ios-xe-oper:crypto-pki-cert-data; } // list cert } // grouping crypto-pki-data grouping crypto-pki-counters { description "Crypto PKI Counter Values"; leaf ses-started { type uint64; description "Number of PKI sessions started"; } leaf ses-ended { type uint64; description "Number of PKI sessions ended"; } leaf ses-active { type uint64; description "Number of PKI sessions active"; } leaf success-val { type uint64; description "Number of successful PKI validations"; } leaf fail-val { type uint64; description "Number of failed PKI validations"; } leaf bypassed-val { type uint64; description "Number of bypassed PKI validations"; } leaf pend-val { type uint64; description "Number of pending PKI validations"; } leaf crl-checked { type uint64; description "Number of PKI crl checked"; } leaf crl-fetch-attempts { type uint64; description "Number of PKI crl fetch attempts"; } leaf crl-fail-attempts { type uint64; description "Number of PKI crl failed attempts"; } leaf crl-busy-fetching { type uint64; description "Number of PKI crl rejected as device was fetching another crl"; } leaf aaa-auth { type uint64; description "Number of PKI AAA authorizations"; } } // grouping crypto-pki-counters container crypto-pki-oper-data { config false; description "Crypto PKI operational data"; list crypto-pki-bundle { key "label"; description "PKI data list"; uses crypto-pki-ios-xe-oper:crypto-pki-data; } // list crypto-pki-bundle container crypto-pki-counters { presence "crypto-pki-counters"; description "PKI counters"; uses crypto-pki-ios-xe-oper:crypto-pki-counters; } // container crypto-pki-counters } // container crypto-pki-oper-data } // module Cisco-IOS-XE-crypto-pki-oper
© 2023 YumaWorks, Inc. All rights reserved.