Extreme Certificate MIB

The Extreme Certificate MIB configures the traps that can be generated when a Crypto Certificate is due to expire. Four categories of severity of traps can be generated. Traps are generated when any certificate stored on the device is due to expire within a configured number of days.

Table 1. **Extreme Certificate MIB Notifications**
Trap Names and OIDs	Varbinds	Descriptoin
extremeCertExpiryWarning .1.3.6.1.4.1.1916.1.59.0.1	extremeCertSubject, extremeCertIssuerName, extremeCertSerialNumber, extremeCertValidNotAfterTime, extremeCertExpiryPendingDays, extremeCertExpiryAlertLevel	An extremeCertExpiryWarning notification is sent before a certificate expiry based on the certification expiry alert configuration. The certificate (extremeCertName) for which this notification is sent can be identified from INDEX part of this notification varbinds belonging to the extremeCertTable.
extremeCertExpired .1.3.6.1.4.1.1916.1.59.0.2	extremeCertSubject, extremeCertIssuerName, extremeCertSerialNumber, extremeCertValidNotAfterTime, extremeCertExpiryExpiredDays	An extremeCertExpired notification is sent if the certificate has expired. The certificate (extremeCertName) for which this notification is sent can be identified from INDEX part of this notification varbinds belonging to the extremeCertTable.

Table 2. Extreme Certificate MIB Objects
Objects and OID	Access	Description
extremeCertTable .1.3.6.1.4.1.1916.1.59.1.1	None	A table of certificates present in the system. Instances of this managed object are created automatically when certificates are imported into the system.
extremeCertEntry .1.3.6.1.4.1.1916.1.59.1.1.1	None	The conceptual row of extremeCertTable.
extremeCertName .1.3.6.1.4.1.1916.1.59.1.1.1.1	not-accessible	Certificate's name which uniquely identifies a certificate on this system.
extremeCertIssuerName .1.3.6.1.4.1.1916.1.59.1.1.1.2	read-only	Certificate's issuer name.
extremeCertSerialNumber .1.3.6.1.4.1.1916.1.59.1.1.1.3	read-only	Certificate's serial number (in decimal format).
extremeCertSubject .1.3.6.1.4.1.1916.1.59.1.1.1.4	read-only	Identifying information about the entity to which the certificate is issued.
extremeCertValidNotBefore .1.3.6.1.4.1.1916.1.59.1.1.1.5	read-only	Date and time before which the certificate is not valid.
extremeCertValidNotAfter .1.3.6.1.4.1.1916.1.59.1.1.1.6	read-only	Date and time after which the certificate is not valid.
extremeCertStatus .1.3.6.1.4.1.1916.1.59.1.1.1.7	read-only	Certificate's current status.
extremeCertExpiryAlertLevel .1.3.6.1.4.1.1916.1.59.1.2	accessible-for-notify	Alert level of certificate expiry can be one of expiry levels info, minor, major and critical.
extremeCertExpiryPendingDays .1.3.6.1.4.1.1916.1.59.1.3	accessible-for-notify	Number of days remaining for the certificate to expire.
extremeCertExpiryExpiredDays .1.3.6.1.4.1.1916.1.59.1.4	accessible-for-notify	Number of days since the certificate expired.

Supported Certificates

The following certificates are monitored for expiry:

gnmi-server
gnmiclient-ca
https
https-trustpoint
httpsclient-ca
ldap-ca
ldap-client
oauth2pkicert
radius-ca
radius-client
sshx509v3
sshx509v3-ca
sshx509v3-trustpoint
syslog-ca
syslog-client