Versions Compared

Old Version 4

changes.mady.by.user Administrator

Saved on

compared with

New Version 5

changes.mady.by.user Administrator

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Create a target and set its address if the SNMP instance is command generator:
Code Block
String sn = "myTlsSecurityName";
CertifiedTarget ct = new CertifiedTarget(new OctetString(sn));
ct.setSecurityModel(SecurityModel.SECURITY_MODEL_TSM);
ct.setAddress(GenericAddress.parse("tls:127.0.0.1/161"));
  • Configure the SecurityCallback If the SNMP instance is a command responder or if one of the following applies then configure the TlsSecurityCallback for the TLSTM instance (see RFC 5953):
    1. The Java virtual machine of the SNMP instance has a key store configured with more than one certificate (then a certificate has to be selected by the http://www.snmp4j.org/doc/org/snmp4j/transport/tls/TlsTmSecurityCallback.html#getLocalCertificateAlias(org.snmp4j.smi.Address) method).
    2. No trust key store has been configured or additional trusts (on top of the trust key store) should be established, for example through the mapping rules defined by RFC 5953.  
Code Block
// add the distinguished name (DN) of the certificates we want to accept as peer:
securityCallback.addAcceptedSubjectDN("EMAILADDRESS=info@company.com, C=US, CN=Foo Bar");