Class pki:CertReq (CONCRETE)

Class ID:1481
Class Label: Certificate Request
Encrypted: false - Exportable: true - Persistent: true - Configurable: true - Subject to Quota: Disabled - Abstraction Layer: Ambiguous Placement in the Model - APIC NX Processing: Disabled
Write Access: [aaa, admin]
Read Access: [aaa, admin]
Creatable/Deletable: yes (see Container Mos for details)
Possible Semantic Scopes: EPG, Fabric,
Semantic Scope Evaluation Rule: Parent
Monitoring Policy Source: Parent
Monitoring Flags : [ IsObservable: false, HasStats: false, HasFaults: false, HasHealth: false, HasEventRules: false ]

A request sent to a certificate authority (CA or trustpoint) requesting that the CA affirm the identity of the requester and issue a digital certificate verifying that the requestor is the owner of the presented public key.

Naming Rules
RN FORMAT: certreq

    [1] PREFIX=certreq


DN FORMAT: 

[1] uni/tn-{name}/certstore/keyring-{name}/certreq

[3] uni/userext/pkiext/keyring-{name}/certreq

                


Diagram

Container Mos: pki:KeyRing (deletable:yes),
Contained Mos: aaa:RbacAnnotation, tag:Annotation, tag:Tag,


Containers Hierarchies
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] fabric:Topology The root for IFC topology.
 
 ├
[V] fabric:Pod A pod.
 
 
 ├
[V] fabric:Node The root node for the APIC.
 
 
 
 ├
[V] ctx:Local The local Context.
 
 
 
 
 ├
[V] ctx:Application The context application.
 
 
 
 
 
 ├
[V] pol:Uni Represents policy definition/resolution universe.
 
 
 
 
 
 
 ├
[V] fv:Tenant A policy owner in the virtual fabric. A tenant can be either a private or a shared entity. For example, you can create a tenant with contexts and bridge domains shared by other tenants. A shared type of tenant is typically named common, default, or infra.
 
 
 
 
 
 
 
 ├
[V] cloud:CertStore 
 
 
 
 
 
 
 
 
 ├
[V] pki:KeyRing A keyring to create and hold an SSL certificate. The SSL certificate contains the public RSA key and signed identity information of a PKI device. The PKI device holds a pair of RSA encryption keys, one kept private and one made public, stored in an internal key ring. The keyring certificate merges into the PKI device keyring to create a trusted relationship.
 
 
 
 
 
 
 
 
 
 ├
[V] pki:CertReq A request sent to a certificate authority (CA or trustpoint) requesting that the CA affirm the identity of the requester and issue a digital certificate verifying that the requestor is the owner of the presented public key.
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] pol:Uni Represents policy definition/resolution universe.
 
 ├
[V] fv:Tenant A policy owner in the virtual fabric. A tenant can be either a private or a shared entity. For example, you can create a tenant with contexts and bridge domains shared by other tenants. A shared type of tenant is typically named common, default, or infra.
 
 
 ├
[V] cloud:CertStore 
 
 
 
 ├
[V] pki:KeyRing A keyring to create and hold an SSL certificate. The SSL certificate contains the public RSA key and signed identity information of a PKI device. The PKI device holds a pair of RSA encryption keys, one kept private and one made public, stored in an internal key ring. The keyring certificate merges into the PKI device keyring to create a trusted relationship.
 
 
 
 
 ├
[V] pki:CertReq A request sent to a certificate authority (CA or trustpoint) requesting that the CA affirm the identity of the requester and issue a digital certificate verifying that the requestor is the owner of the presented public key.
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] fabric:Topology The root for IFC topology.
 
 ├
[V] fabric:Pod A pod.
 
 
 ├
[V] fabric:Node The root node for the APIC.
 
 
 
 ├
[V] ctx:Local The local Context.
 
 
 
 
 ├
[V] ctx:Application The context application.
 
 
 
 
 
 ├
[V] pol:Uni Represents policy definition/resolution universe.
 
 
 
 
 
 
 ├
[V] aaa:UserEp A user endpoint is a local user. A user is assigned a role determines the user's privileges, and belongs to a security domain, which determines the user's scope of control
 
 
 
 
 
 
 
 ├
[V] pki:Ep The PKI configuration, which includes key rings and certificate authority (CA) credentials. Components of the PKI are used to establish secure communications between two devices.
 
 
 
 
 
 
 
 
 ├
[V] pki:KeyRing A keyring to create and hold an SSL certificate. The SSL certificate contains the public RSA key and signed identity information of a PKI device. The PKI device holds a pair of RSA encryption keys, one kept private and one made public, stored in an internal key ring. The keyring certificate merges into the PKI device keyring to create a trusted relationship.
 
 
 
 
 
 
 
 
 
 ├
[V] pki:CertReq A request sent to a certificate authority (CA or trustpoint) requesting that the CA affirm the identity of the requester and issue a digital certificate verifying that the requestor is the owner of the presented public key.
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] pol:Uni Represents policy definition/resolution universe.
 
 ├
[V] aaa:UserEp A user endpoint is a local user. A user is assigned a role determines the user's privileges, and belongs to a security domain, which determines the user's scope of control
 
 
 ├
[V] pki:Ep The PKI configuration, which includes key rings and certificate authority (CA) credentials. Components of the PKI are used to establish secure communications between two devices.
 
 
 
 ├
[V] pki:KeyRing A keyring to create and hold an SSL certificate. The SSL certificate contains the public RSA key and signed identity information of a PKI device. The PKI device holds a pair of RSA encryption keys, one kept private and one made public, stored in an internal key ring. The keyring certificate merges into the PKI device keyring to create a trusted relationship.
 
 
 
 
 ├
[V] pki:CertReq A request sent to a certificate authority (CA or trustpoint) requesting that the CA affirm the identity of the requester and issue a digital certificate verifying that the requestor is the owner of the presented public key.


Contained Hierarchy
[V] pki:CertReq A request sent to a certificate authority (CA or trustpoint) requesting that the CA affirm the identity of the requester and issue a digital certificate verifying that the requestor is the owner of the presented public key.
 ├
[V] aaa:RbacAnnotation  RbacAnnotation is used for capturing rbac properties of any apic object Objects can append rbacannotations as Object->RbacAnnotation which is then checked for domain eligibility
 ├
[V] tag:Annotation 
 ├
[V] tag:Tag 


Inheritance
[V] pki:CertReq A request sent to a certificate authority (CA or trustpoint) requesting that the CA affirm the identity of the requester and issue a digital certificate verifying that the requestor is the owner of the presented public key.


Events
                pki:CertReq:pki_CertReq_createCertReq
pki:CertReq:pki_CertReq_deleteCertReq
pki:CertReq:creation__pki_CertReq
pki:CertReq:modification__pki_CertReq
pki:CertReq:deletion__pki_CertReq


Faults
                


Fsms
                


Properties Summary
Defined in: pki:CertReq
naming:Name
          string:Basic
altSubjName  (pki:CertReq:altSubjName)
           NO COMMENTS
mo:Annotation
          string:Basic
annotation  (pki:CertReq:annotation)
           NO COMMENTS
naming:Name
          string:Basic
country  (pki:CertReq:country)
           The two-letter ISO code for the country where the organization is located.
naming:Name
          string:Basic
email  (pki:CertReq:email)
           The email address of the organization's contact person.
mo:ExtMngdByType
          scalar:Bitmask32
extMngdBy  (pki:CertReq:extMngdBy)
           NO COMMENTS
naming:Name
          string:Basic
locality  (pki:CertReq:locality)
           The city or town of the organization.
naming:Name
          string:Basic
orgName  (pki:CertReq:orgName)
           The full legal name of the organization.
naming:Name
          string:Basic
orgUnitName  (pki:CertReq:orgUnitName)
           A department or unit name within the organization.
string:Password pwd  (pki:CertReq:pwd)
           The new password.
pki:Cert
          string:CharBuffer
req  (pki:CertReq:req)
           Contains the generated PEM-encoded certificate request.
naming:Name
          string:Basic
state  (pki:CertReq:state)
           The state or province in which the organization is located.
naming:Name
          string:Basic
subjName  (pki:CertReq:subjName)
           The fully qualified domain name or distinguished name of the requesting device.
Defined in: mo:Ownable
scalar:Uint16 uid  (mo:Ownable:uid)
           A unique identifier for this object.
Defined in: mo:Resolvable
mo:Owner
          scalar:Enum8
lcOwn  (mo:Resolvable:lcOwn)
           A value that indicates how this object was created. For internal use only.
Defined in: mo:Modifiable
mo:TStamp
          scalar:Date
modTs  (mo:Modifiable:modTs)
           The time when this object was last modified.
Defined in: mo:TopProps
mo:ModificationChildAction
          scalar:Bitmask32
childAction  (mo:TopProps:childAction)
           Delete or ignore. For internal use only.
reference:BinRef dn  (mo:TopProps:dn)
           A tag or metadata is a non-hierarchical keyword or term assigned to the fabric module.
reference:BinRN rn  (mo:TopProps:rn)
           Identifies an object from its siblings within the context of its parent object. The distinguished name contains a sequence of relative names.
mo:ModificationStatus
          scalar:Bitmask32
status  (mo:TopProps:status)
           The upgrade status. This property is for internal use only.
Properties Detail

altSubjName

Type: naming:Name
Primitive Type: string:Basic

Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
    Range:  min: "0"  max: "1024"
        Allowed Chars:
            Regex: [a-zA-Z0-9\!#$%()*,-\/.:;@ _{|}~?]+
    Comments:
NO COMMENTS



annotation

Type: mo:Annotation
Primitive Type: string:Basic

Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
    Range:  min: "0"  max: "128"
        Allowed Chars:
            Regex: [a-zA-Z0-9_.:-]+
    Comments:
NO COMMENTS



childAction

Type: mo:ModificationChildAction
Primitive Type: scalar:Bitmask32

Units: null
Encrypted: false
Access: implicit
Category: TopLevelChildAction
    Comments:
Delete or ignore. For internal use only.
Constants
deleteAll 16384u deleteAll NO COMMENTS
ignore 4096u ignore NO COMMENTS
deleteNonPresent 8192u deleteNonPresent NO COMMENTS
DEFAULT 0 --- This type is used to





country

Type: naming:Name
Primitive Type: string:Basic

Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
    Regex: [A-Z][A-Z]
    Comments:
The two-letter ISO code for the country where the organization is located.



dn

Type: reference:BinRef

Units: null
Encrypted: false
Access: implicit
Category: TopLevelDn
    Comments:
A tag or metadata is a non-hierarchical keyword or term assigned to the fabric module.



email

Type: naming:Name
Primitive Type: string:Basic

Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
    Range:  min: "0"  max: "40"
        Allowed Chars:
            Regex: [a-zA-Z0-9()+,-./:@_ˆ\s]+
    Comments:
The email address of the organization's contact person.



extMngdBy

Type: mo:ExtMngdByType
Primitive Type: scalar:Bitmask32

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
NO COMMENTS
Constants
undefined 0u undefined NO COMMENTS
msc 1u msc NO COMMENTS
DEFAULT undefined(0u) undefined NO COMMENTS





lcOwn

Type: mo:Owner
Primitive Type: scalar:Enum8

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
A value that indicates how this object was created. For internal use only.
Constants
local 0 Local NO COMMENTS
policy 1 Policy NO COMMENTS
replica 2 Replica NO COMMENTS
resolveOnBehalf 3 ResolvedOnBehalf NO COMMENTS
implicit 4 Implicit NO COMMENTS
DEFAULT local(0) Local NO COMMENTS





locality

Type: naming:Name
Primitive Type: string:Basic

Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
    Range:  min: "0"  max: "64"
        Allowed Chars:
            Regex: [a-zA-Z0-9()+,-./:@_ˆ\s]+
    Comments:
The city or town of the organization.



modTs

Type: mo:TStamp
Primitive Type: scalar:Date

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
The time when this object was last modified.
Constants
never 0ull never NO COMMENTS
DEFAULT never(0ull) never NO COMMENTS





orgName

Type: naming:Name
Primitive Type: string:Basic

Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
    Range:  min: "0"  max: "64"
        Allowed Chars:
            Regex: [a-zA-Z0-9()+,-./:@_ˆ\s]+
    Comments:
The full legal name of the organization.



orgUnitName

Type: naming:Name
Primitive Type: string:Basic

Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
    Range:  min: "0"  max: "64"
        Allowed Chars:
            Regex: [a-zA-Z0-9()+,-./:@_ˆ\s]+
    Comments:
A department or unit name within the organization.



pwd

Type: string:Password

Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
    Comments:
The new password.



req

Type: pki:Cert
Primitive Type: string:CharBuffer

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
Contains the generated PEM-encoded certificate request.



rn

Type: reference:BinRN

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRn
    Comments:
Identifies an object from its siblings within the context of its parent object. The distinguished name contains a sequence of relative names.



state

Type: naming:Name
Primitive Type: string:Basic

Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
    Range:  min: "0"  max: "64"
        Allowed Chars:
            Regex: [a-zA-Z0-9()+,-./:@_ˆ\s]+
    Comments:
The state or province in which the organization is located.



status

Type: mo:ModificationStatus
Primitive Type: scalar:Bitmask32

Units: null
Encrypted: false
Access: implicit
Category: TopLevelStatus
    Comments:
The upgrade status. This property is for internal use only.
Constants
created 2u created In a setter method: specifies that an object should be created. An error is returned if the object already exists.
In the return value of a setter method: indicates that an object has been created.
modified 4u modified In a setter method: specifies that an object should be modified
In the return value of a setter method: indicates that an object has been modified.
deleted 8u deleted In a setter method: specifies that an object should be deleted.
In the return value of a setter method: indicates that an object has been deleted.
DEFAULT 0 --- This type controls the life cycle of objects passed in the XML API.

When used in a setter method (such as configConfMo), the ModificationStatus specifies whether an object should be created, modified, deleted or removed.
In the return value of a setter method, the ModificationStatus indicates the actual operation that was performed. For example, the ModificationStatus is set to "created" if the object was created. The ModificationStatus is not set if the object was neither created, modified, deleted or removed.

When invoking a setter method, the ModificationStatus is optional:
If a setter method such as configConfMo is invoked and the ModificationStatus is not set, the system automatically determines if the object should be created or modified.






subjName

Type: naming:Name
Primitive Type: string:Basic

Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
    Range:  min: "1"  max: "64"
        Allowed Chars:
            Regex: [a-zA-Z0-9\!#$%()*,-\/.:;@ _{|}~?]+
    Comments:
The fully qualified domain name or distinguished name of the requesting device.



uid

Type: scalar:Uint16

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
A unique identifier for this object.