snmpCertSet (Function)

 Top  Previous  Next

Architecture:

NX32L

Device support:

All NX devices

Firmware version:

1.52.00

This function is used to insert or remove a certificate in the list of allowed peer devices. (see security in overview)

The list of certificates are persistent and will not be lost when the device is reset.

 

 

Input:

Index : SINT (1..25)

The index of the certificate.

 

Cert : STRING

The name of the certificate. Leave empty to remove a certificate.

 

Returns: INT

1

- Success.

0

- This function is not supported.

-2

- Illegal parameter

-4

- The certificate is already present.

 

Declaration

FUNCTION snmpCertSet : INT;
VAR_INPUT
  index : MANDATORY SINT;
  cert  : MANDATORY STRING;
END_VAR;

 

Example:

INCLUDE rtcu.inc
 
VAR
  iface    : SINT := 2;
END_VAR;
 
FUNCTION show_cert
VAR_INPUT
  index : SINT;
END_VAR;
VAR
  str   : STRING;
  name  : STRING;
  rc    : INT;
END_VAR;
 
  // Prefix
  str := strFormat(format := "Certificate \1: ", v1 := index);
 
  // Get certificate
  rc := snmpCertGet(index := index, cert := name);
  IF rc < 1 THEN
    DebugFmt(message := str + "snmpCertGet=\1", v1 := rc);
    RETURN;
  END_IF;
 
  // Show
  IF strLen(str := name) = 0 THEN
    DebugMsg(message := str + "<EMPTY>");
  ELSE
    DebugMsg(message := str + name);
  END_IF;
 
END_FUNCTION;
 
PROGRAM example;
VAR
  i        : SINT;
  rc       : INT;
  handle   : SYSHANDLE;
END_VAR;
 
  // Iterate certificates
  DebugMsg(message := "--------------------------------------------------");
  FOR i := 1 TO 10 DO
    show_cert(index := i);
  END_FOR;
 
  // Set certificate
  rc := snmpCertSet(index := 1, cert := "snmp_agent");
  IF rc < 1 THEN
    DebugFmt(message := "snmpCertSet=\1", v1 := rc);
  END_IF;
 
  // Configure
  rc := snmpSecurityConfig(
                          localcert := "snmp_manager",
                          engineid  := "8000000001020304"
                          );
  IF rc < 1 THEN
    DebugFmt(message := "snmpSecurityConfig=\1", v1 := rc);
  END_IF;
 
  // Open net interface.
  rc := netOpen(iface := iface);
  DebugFmt(Message := "netOpen (rc=\1)", v1 := rc);
  WHILE NOT netConnected(iface := iface) DO
    Sleep(Delay := 2000);
  END_WHILE;
  DebugMsg(Message := "Network connected");
 
  // Start to listen for traps
  rc := snmpStartListen(
                        handle    := handle,
                        port      := 10162,
                        community := "public",
                        security  := _SNMP_SEC_TLS
                       );
  IF rc < 1 THEN
    DebugFmt(message := "snmpStartListen=\1", v1 := rc);
  END_IF;
  rc := snmpRegisterTrap(oid := "1.3.6.1.4.1.6101.1.8.8.2.6");
  IF rc < 1 THEN
    DebugFmt(message := "snmpRegisterTrap=\1", v1 := rc);
  END_IF;
  DebugMsg(Message := "Ready");
 
BEGIN
END;
END_PROGRAM;