-- ====================================================================
-- Copyright (c) 2004-2022 New H3C Tech. Co., Ltd.  All rights reserved.
--
-- Description: The MIB is designed to get PKI trap information.
-- Reference:
-- Version: 1.2
-- History:
--   V1.0: The initial version created by Zhaoming.
--   V1.1: Modified by Zhaoming Dec.30 2021
--           1) 'hh3cPKICertUpdateTime' was added to the 'hh3cPKIGetLocalCertSucScep'
--               and 'hh3cPKIGetLocalCertFailScep' traps.
--   V1.2: Modified by skf9095 Sep.22 2022
--           1) Added the 'hh3cPKICrlHasExpiredTrapCntl'
--               and 'hh3cPKICrlHasExpired' traps.
--           2) Added the 'hh3cPKIWriteToFlashFailTrapCntl'
--               and 'hh3cPKIWriteToFlashFail' traps.
-- =====================================================================
HH3C-PKI-MONITOR-MIB DEFINITIONS ::= BEGIN

IMPORTS
    DisplayString, TruthValue, DateAndTime
        FROM SNMPv2-TC
    OBJECT-TYPE, MODULE-IDENTITY, NOTIFICATION-TYPE
        FROM SNMPv2-SMI
    MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
        FROM SNMPv2-CONF
    hh3cCommon
        FROM HH3C-OID-MIB;

hh3cPKIMonitor MODULE-IDENTITY
    LAST-UPDATED "202209221725Z"             -- September 22, 2022 at 12:47 GMT
    ORGANIZATION
        "New H3C Tech. Co., Ltd."
    CONTACT-INFO
        "Platform Team New H3C Tech. Co., Ltd.
        Hai-Dian District Beijing P.R. China
        http://www.h3c.com
        Zip:100085"
    DESCRIPTION
        "The MIB is designed to obtain the alarm information of the PKI module."
    REVISION "202209221725Z"
    DESCRIPTION
        "Add hh3cPKICrlHasExpiredTrapCntl to hh3cPKITrapCntlGroup.
         Add hh3cPKIWriteToFlashFailTrapCntl to hh3cPKITrapCntlGroup.
         Add hh3cPKICrlHasExpired to hh3cPKITrapGroup.
         Add hh3cPKIWriteToFlashFail to hh3cPKITrapGroup."
    REVISION "202112301247Z"
    DESCRIPTION
        "This revision is about the trap hh3cPKIGetLocalCertSucScep and
         hh3cPKIGetLocalCertFailScep ."
    REVISION
        "202109141347Z"
    DESCRIPTION
        "Initial version."
    ::= { hh3cCommon 209 }


-- ========================================================================
-- Node definitions
-- ========================================================================
-- Begin the node of hh3cPKIObjects.

hh3cPKIObjects OBJECT IDENTIFIER ::= { hh3cPKIMonitor 1 }
-- =======================================
-- Begin the hh3cPKITrapObject.
-- =======================================

hh3cPKITrapObject OBJECT IDENTIFIER ::= { hh3cPKIObjects 1 }

hh3cPKICACertIssuer   OBJECT-TYPE
    SYNTAX DisplayString(SIZE(0..255))
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The issuer of CA certificate with a trap."
    ::= { hh3cPKITrapObject 1 }

hh3cPKICACertSubject   OBJECT-TYPE
    SYNTAX DisplayString(SIZE(0..255))
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The subject of CA certificate with a trap."
    ::= { hh3cPKITrapObject 2 }

hh3cPKICACertStartTime   OBJECT-TYPE
    SYNTAX DateAndTime(SIZE(8 | 11))
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The time when the CA certificate becomes effective with a trap."
    ::= { hh3cPKITrapObject 3 }

hh3cPKICACertFinishTime   OBJECT-TYPE
    SYNTAX DateAndTime(SIZE(8 | 11))
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The time when the CA certificate expires with a trap."
    ::= { hh3cPKITrapObject 4 }

hh3cPKICrlIssuer   OBJECT-TYPE
    SYNTAX DisplayString(SIZE(0..255))
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The issuer of CRL with a trap."
    ::= { hh3cPKITrapObject 5 }

hh3cPKICrlStartTime   OBJECT-TYPE
    SYNTAX DateAndTime(SIZE(8 | 11))
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The time when the CRL becomes effective with a trap."
    ::= { hh3cPKITrapObject 6 }

hh3cPKICrlFinishTime   OBJECT-TYPE
    SYNTAX DateAndTime(SIZE(8 | 11))
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The time when CRL expires with a trap."
    ::= { hh3cPKITrapObject 7 }

hh3cPKIDomainName  OBJECT-TYPE
    SYNTAX OCTET STRING (SIZE(0..31))
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The PKI domain name with a trap."
    ::= { hh3cPKITrapObject 8 }

hh3cPKICrlUrl   OBJECT-TYPE
    SYNTAX OCTET STRING (SIZE(0..1023))
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The URL path of CRL with a trap."
    ::= { hh3cPKITrapObject 9 }

hh3cPKIVrfName   OBJECT-TYPE
    SYNTAX OCTET STRING (SIZE(0..31))
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The VPN instance name with a trap."
    ::= { hh3cPKITrapObject 10 }

hh3cPKICertUrl   OBJECT-TYPE
    SYNTAX OCTET STRING (SIZE(0..1023))
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The URL path of the certificate with a trap."
    ::= { hh3cPKITrapObject 11 }

hh3cPKILocalCertIssuer   OBJECT-TYPE
    SYNTAX DisplayString(SIZE(0..255))
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The issuer of local certificate with a trap."
    ::= { hh3cPKITrapObject 12 }

hh3cPKILocalCertSubject   OBJECT-TYPE
    SYNTAX DisplayString(SIZE(0..255))
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The subject of local certificate with a trap."
    ::= { hh3cPKITrapObject 13 }

hh3cPKILocalCertStartTime   OBJECT-TYPE
    SYNTAX DateAndTime(SIZE(8 | 11))
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The time when the local certificate becomes effective with a trap."
    ::= { hh3cPKITrapObject 14 }

hh3cPKILocalCertFinishTime   OBJECT-TYPE
    SYNTAX DateAndTime(SIZE(8 | 11))
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The time when the local certificate expires with a trap."
    ::= { hh3cPKITrapObject 15 }

hh3cPKIEntityName  OBJECT-TYPE
    SYNTAX OCTET STRING (SIZE(0..31))
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The entity name with a trap."
    ::= { hh3cPKITrapObject 16 }

hh3cPKICertSave   OBJECT-TYPE
    SYNTAX DisplayString(SIZE(0..255))
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The certificate save file name with a trap."
    ::= { hh3cPKITrapObject 17 }

hh3cPKICertUpdateTime   OBJECT-TYPE
    SYNTAX DateAndTime(SIZE(8 | 11))
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "Time when the certificate was updated with a trap."
    ::= { hh3cPKITrapObject 18 }

-- =======================================
-- Begin the hh3cPKITrapCntl.
-- =======================================

hh3cPKITrapCntl OBJECT IDENTIFIER ::= { hh3cPKIObjects 2 }

hh3cPKITrapGlobalCntl OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Indicates whether all PKI traps should be generated."
    ::= { hh3cPKITrapCntl 1 }

hh3cPKICACertInvalidTrapCntl OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Indicates whether hh3cPKICACertInvalid traps should be generated."
    ::= { hh3cPKITrapCntl 2 }

hh3cPKICACertValidTrapCntl OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Indicates whether hh3cPKICACertValid traps should be generated."
    ::= { hh3cPKITrapCntl 3 }

hh3cPKICrlInvalidTrapCntl OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Indicates whether hh3cPKICrlInvalid traps should be generated."
    ::= { hh3cPKITrapCntl 4 }

hh3cPKICrlValidTrapCntl OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Indicates whether hh3cPKICrlValid traps should be generated."
    ::= { hh3cPKITrapCntl 5 }

hh3cPKIGetCrlSucHttpTrapCntl OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Indicates whether hh3cPKIGetCrlSucHttp traps should be generated."
    ::= { hh3cPKITrapCntl 6 }

hh3cPKIGetCrlFailHttpTrapCntl OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Indicates whether hh3cPKIGetCrlFailHttp traps should be generated."
    ::= { hh3cPKITrapCntl 7 }

hh3cPKIGetCrlSucLdapCntl OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Indicates whether hh3cPKIGetCrlSucLdap traps should be generated."
    ::= { hh3cPKITrapCntl 8 }

hh3cPKIGetCrlFailLdapTrapCntl   OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Indicates whether hh3cPKIGetCrlFailLdap traps should be generated."
    ::= { hh3cPKITrapCntl 9 }

hh3cPKIGetCrlSucScepTrapCntl OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Indicates whether hh3cPKIGetCrlSucScep traps should be generated."
    ::= { hh3cPKITrapCntl 10 }

hh3cPKIGetCrlFailScepTrapCntl OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Indicates whether hh3cPKIGetCrlFailScep traps should be generated."
    ::= { hh3cPKITrapCntl 11 }

hh3cPKILocCertInvalidTrapCntl OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Indicates whether hh3cPKILocalCertInvalid traps should be generated."
    ::= { hh3cPKITrapCntl 12 }

hh3cPKILocCertValidTrapCntl OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Indicates whether hh3cPKILocalCertValid traps should be generated."
    ::= { hh3cPKITrapCntl 13 }

hh3cPKIGetLocCertSucLdapTrapCntl OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Indicates whether hh3cPKIGetLocalCertSucLdap traps should be generated."
    ::= { hh3cPKITrapCntl 14 }

hh3cPKIGetLocCertFailLdapTrapCntl OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Indicates whether hh3cPKIGetLocalCertFailLdap traps should be generated."
    ::= { hh3cPKITrapCntl 15 }

hh3cPKIGetLocCeSucScepTrapCntl OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Indicates whether hh3cPKIGetLocalCertSucScep traps should be generated."
    ::= { hh3cPKITrapCntl 16 }

hh3cPKIGetLocCeFailScepTrapCntl   OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Indicates whether hh3cPKIGetLocalCertFailScep traps should be generated."
    ::= { hh3cPKITrapCntl 17 }

hh3cPKILocCertNearExpirTrapCntl OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Indicates whether hh3cPKILocalCertNearlyExpired traps should be generated."
    ::= { hh3cPKITrapCntl 18 }

hh3cPKILocCertHasExpirTrapCntl   OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Indicates whether hh3cPKILocalCertHasExpired traps should be generated."
    ::= { hh3cPKITrapCntl 19 }

hh3cPKICrlHasExpiredTrapCntl   OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Indicates whether hh3cPKICrlHasExpired traps should be generated."
    ::= { hh3cPKITrapCntl 20 }

hh3cPKIWriteToFlashFailTrapCntl   OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Indicates whether hh3cPKIWriteToFlashFail traps should be generated."
    ::= { hh3cPKITrapCntl 21 }

-- ================================================
-- definition of traps.
-- ================================================

hh3cPKITrap OBJECT IDENTIFIER ::= { hh3cPKIObjects 3 }
hh3cPKINotifications OBJECT IDENTIFIER ::= { hh3cPKITrap 0 }

hh3cPKICACertInvalid NOTIFICATION-TYPE
    OBJECTS {
                hh3cPKICACertIssuer,
                hh3cPKICACertSubject,
                hh3cPKICACertStartTime,
                hh3cPKICACertFinishTime
            }
    STATUS     current
    DESCRIPTION
        "This notification is generated when the CA
         certificate is invalid."
            ::= { hh3cPKINotifications 1 }

hh3cPKICACertValid  NOTIFICATION-TYPE
    OBJECTS {
                hh3cPKICACertIssuer,
                hh3cPKICACertSubject,
                hh3cPKICACertStartTime,
                hh3cPKICACertFinishTime
            }
    STATUS     current
    DESCRIPTION
        "This notification is generated when the CA
         certificate is valid."
            ::= { hh3cPKINotifications 2 }

hh3cPKICrlInvalid NOTIFICATION-TYPE
    OBJECTS {
                hh3cPKICrlIssuer,
                hh3cPKICrlStartTime,
                hh3cPKICrlFinishTime
            }
    STATUS     current
    DESCRIPTION
        "This notification is generated when the CRL
         is invalid."
            ::= { hh3cPKINotifications 3 }

hh3cPKICrlValid NOTIFICATION-TYPE
    OBJECTS {
                hh3cPKICrlIssuer,
                hh3cPKICrlStartTime,
                hh3cPKICrlFinishTime
            }
    STATUS     current
    DESCRIPTION
        "This notification is generated when the CRL
         is valid."
            ::= { hh3cPKINotifications 4 }

hh3cPKIGetCrlSucHttp NOTIFICATION-TYPE
    OBJECTS {
                hh3cPKIDomainName,
                hh3cPKICrlUrl,
                hh3cPKIVrfName
            }
    STATUS     current
    DESCRIPTION
        "This notification is generated when the CRL is
         successfully obtained through the HTTP protocol."
            ::= { hh3cPKINotifications 5 }

hh3cPKIGetCrlFailHttp NOTIFICATION-TYPE
    OBJECTS {
                hh3cPKIDomainName,
                hh3cPKICrlUrl,
                hh3cPKIVrfName
            }
    STATUS     current
    DESCRIPTION
        "This notification is generated when the CRL fails to
         be obtained through the HTTP protocol."
            ::= { hh3cPKINotifications 6 }

hh3cPKIGetCrlSucLdap NOTIFICATION-TYPE
    OBJECTS {
                hh3cPKIDomainName,
                hh3cPKICrlUrl,
                hh3cPKIVrfName
            }
    STATUS     current
    DESCRIPTION
        "This notification is generated when the CRL is
         successfully obtained through the LDAP protocol."
            ::= { hh3cPKINotifications 7 }

hh3cPKIGetCrlFailLdap NOTIFICATION-TYPE
    OBJECTS {
                hh3cPKIDomainName,
                hh3cPKICrlUrl,
                hh3cPKIVrfName
            }
    STATUS     current
    DESCRIPTION
        "This notification is generated when the CRL fails to
         be obtained through the LDAP protocol."
            ::= { hh3cPKINotifications 8 }

hh3cPKIGetCrlSucScep NOTIFICATION-TYPE
    OBJECTS {
                hh3cPKIDomainName,
                hh3cPKIVrfName,
                hh3cPKICertUrl
            }
    STATUS     current
    DESCRIPTION
        "This notification is generated when the CRL
         is successfully obtained through the SCEP protocol."
            ::= { hh3cPKINotifications 9 }

hh3cPKIGetCrlFailScep NOTIFICATION-TYPE
    OBJECTS {
                hh3cPKIDomainName,
                hh3cPKIVrfName,
                hh3cPKICertUrl
            }
    STATUS     current
    DESCRIPTION
        "This notification is generated when the CRL
         fails to be obtained through the SCEP protocol."
            ::= { hh3cPKINotifications 10 }

hh3cPKILocalCertInvalid NOTIFICATION-TYPE
    OBJECTS {
                hh3cPKIDomainName,
                hh3cPKILocalCertIssuer,
                hh3cPKILocalCertSubject,
                hh3cPKILocalCertStartTime,
                hh3cPKILocalCertFinishTime
            }
    STATUS     current
    DESCRIPTION
        "This notification is generated when the local
         certificate is invalid."
            ::= { hh3cPKINotifications 11 }

hh3cPKILocalCertValid NOTIFICATION-TYPE
    OBJECTS {
                hh3cPKIDomainName,
                hh3cPKILocalCertIssuer,
                hh3cPKILocalCertSubject,
                hh3cPKILocalCertStartTime,
                hh3cPKILocalCertFinishTime
            }
    STATUS     current
    DESCRIPTION
        "This notification is generated when the local
         certificate is valid."
            ::= { hh3cPKINotifications 12 }

hh3cPKIGetLocalCertSucLdap NOTIFICATION-TYPE
    OBJECTS {
                hh3cPKIDomainName,
                hh3cPKIVrfName,
                hh3cPKICertUrl,
                hh3cPKIEntityName,
                hh3cPKICertSave
            }
    STATUS     current
    DESCRIPTION
        "This notification is generated when the local certificate
         is successfully obtained through the LDAP protocol."
            ::= { hh3cPKINotifications 13 }

hh3cPKIGetLocalCertFailLdap NOTIFICATION-TYPE
    OBJECTS {
                hh3cPKIDomainName,
                hh3cPKIVrfName,
                hh3cPKICertUrl,
                hh3cPKIEntityName,
                hh3cPKICertSave
            }
    STATUS     current
    DESCRIPTION
        "This notification is generated when the local certificate
         fails to be obtained through the LDAP protocol."
            ::= { hh3cPKINotifications 14 }

hh3cPKIGetLocalCertSucScep NOTIFICATION-TYPE
    OBJECTS {
                hh3cPKIDomainName,
                hh3cPKIVrfName,
                hh3cPKICertUrl,
                hh3cPKICertSave,
                hh3cPKICertUpdateTime
            }
    STATUS     current
    DESCRIPTION
        "This notification is generated when the local certificate
         is successfully obtained through the SCEP protocol. When the local
         certificate is not obtained through renewal, hh3cPKICertUpdateTime is
         set to all zeros."
            ::= { hh3cPKINotifications 15 }

hh3cPKIGetLocalCertFailScep NOTIFICATION-TYPE
    OBJECTS {
                hh3cPKIDomainName,
                hh3cPKIVrfName,
                hh3cPKICertUrl,
                hh3cPKICertSave,
                hh3cPKICertUpdateTime
            }
    STATUS     current
    DESCRIPTION
        "This notification is generated when the local certificate
         fails to be obtained through the SCEP protocol. When the local
         certificate is not obtained through renewal, hh3cPKICertUpdateTime is
         set to all zeros."
            ::= { hh3cPKINotifications 16 }

hh3cPKILocalCertNearlyExpired NOTIFICATION-TYPE
    OBJECTS {
                hh3cPKIDomainName,
                hh3cPKILocalCertIssuer,
                hh3cPKILocalCertSubject,
                hh3cPKILocalCertStartTime,
                hh3cPKILocalCertFinishTime
            }
    STATUS     current
    DESCRIPTION
        "This notification is generated when the local
         certificate is about to expire."
            ::= { hh3cPKINotifications 17 }

hh3cPKILocalCertHasExpired NOTIFICATION-TYPE
    OBJECTS {
                hh3cPKIDomainName,
                hh3cPKILocalCertIssuer,
                hh3cPKILocalCertSubject,
                hh3cPKILocalCertStartTime,
                hh3cPKILocalCertFinishTime
            }
    STATUS     current
    DESCRIPTION
        "This notification is generated when the
         local certificate has expired."
            ::= { hh3cPKINotifications 18 }

hh3cPKICrlHasExpired NOTIFICATION-TYPE
    OBJECTS {
                hh3cPKICrlIssuer,
                hh3cPKICrlStartTime,
                hh3cPKICrlFinishTime
            }
    STATUS     current
    DESCRIPTION
        "This notification is generated when the
         CRL expires."
            ::= { hh3cPKINotifications 19 }

hh3cPKIWriteToFlashFail NOTIFICATION-TYPE
    STATUS     current
    DESCRIPTION
        "This notification is generated in case of failure to write CRL or certificate to flash."
            ::= { hh3cPKINotifications 20 }

-- =======================================
-- Conformance Information
-- =======================================
hh3cPKIConformance   OBJECT IDENTIFIER
                         ::= { hh3cPKIMonitor 2 }
hh3cPKICompliances   OBJECT IDENTIFIER
                         ::= { hh3cPKIConformance 1 }
hh3cPKIGroups        OBJECT IDENTIFIER
                         ::= { hh3cPKIConformance 2 }

-- =======================================
-- Compliance Statements
-- =======================================
hh3cPKICompliance MODULE-COMPLIANCE
    STATUS current
    DESCRIPTION
        " "
    MODULE -- this module
    MANDATORY-GROUPS
        {
            hh3cPKITrapObjectGroup,
            hh3cPKITrapCntlGroup,
            hh3cPKITrapGroup
        }
    ::= { hh3cPKICompliances 1 }

hh3cPKITrapObjectGroup OBJECT-GROUP
    OBJECTS {
                hh3cPKICACertIssuer,
                hh3cPKICACertSubject,
                hh3cPKICACertStartTime,
                hh3cPKICACertFinishTime,
                hh3cPKICrlIssuer,
                hh3cPKICrlStartTime,
                hh3cPKICrlFinishTime,
                hh3cPKIDomainName,
                hh3cPKICrlUrl,
                hh3cPKIVrfName,
                hh3cPKICertUrl,
                hh3cPKILocalCertIssuer,
                hh3cPKILocalCertSubject,
                hh3cPKILocalCertStartTime,
                hh3cPKILocalCertFinishTime,
                hh3cPKIEntityName,
                hh3cPKICertSave,
                hh3cPKICertUpdateTime
            }
    STATUS current
    DESCRIPTION
        "The group contains all of trap objects of PKI module."
    ::= { hh3cPKIGroups 1 }

hh3cPKITrapCntlGroup OBJECT-GROUP
    OBJECTS {
                hh3cPKITrapGlobalCntl,
                hh3cPKICACertInvalidTrapCntl,
                hh3cPKICACertValidTrapCntl,
                hh3cPKICrlInvalidTrapCntl,
                hh3cPKICrlValidTrapCntl,
                hh3cPKIGetCrlSucHttpTrapCntl,
                hh3cPKIGetCrlFailHttpTrapCntl,
                hh3cPKIGetCrlSucLdapCntl,
                hh3cPKIGetCrlFailLdapTrapCntl,
                hh3cPKIGetCrlSucScepTrapCntl,
                hh3cPKIGetCrlFailScepTrapCntl,
                hh3cPKILocCertInvalidTrapCntl,
                hh3cPKILocCertValidTrapCntl,
                hh3cPKIGetLocCertSucLdapTrapCntl,
                hh3cPKIGetLocCertFailLdapTrapCntl,
                hh3cPKIGetLocCeSucScepTrapCntl,
                hh3cPKIGetLocCeFailScepTrapCntl,
                hh3cPKILocCertNearExpirTrapCntl,
                hh3cPKILocCertHasExpirTrapCntl,
                hh3cPKICrlHasExpiredTrapCntl,
                hh3cPKIWriteToFlashFailTrapCntl
            }
    STATUS current
    DESCRIPTION
        "The group contains all of trap switches of PKI module."
    ::= { hh3cPKIGroups 2 }

hh3cPKITrapGroup  NOTIFICATION-GROUP
    NOTIFICATIONS {
                hh3cPKICACertInvalid,
                hh3cPKICACertValid,
                hh3cPKICrlInvalid,
                hh3cPKICrlValid,
                hh3cPKIGetCrlSucHttp,
                hh3cPKIGetCrlFailHttp,
                hh3cPKIGetCrlSucLdap,
                hh3cPKIGetCrlFailLdap,
                hh3cPKIGetCrlSucScep,
                hh3cPKIGetCrlFailScep,
                hh3cPKILocalCertInvalid,
                hh3cPKILocalCertValid,
                hh3cPKIGetLocalCertSucLdap,
                hh3cPKIGetLocalCertFailLdap,
                hh3cPKIGetLocalCertSucScep,
                hh3cPKIGetLocalCertFailScep,
                hh3cPKILocalCertNearlyExpired,
                hh3cPKILocalCertHasExpired,
                hh3cPKICrlHasExpired,
                hh3cPKIWriteToFlashFail
                  }
    STATUS current
    DESCRIPTION
        "The group contains all of trap of PKI module."
    ::= { hh3cPKIGroups 3 }

END

