xref: /openbmc/bmcweb/redfish-core/schema/dmtf/csdl/CertificateEnrollment_v1.xml (revision 5ecf7b4e1bb6988dd3403fa80b723afbe2be30ae)
1<?xml version="1.0" encoding="UTF-8"?>
2<!---->
3<!--################################################################################       -->
4<!--# Redfish Schema:  CertificateEnrollment v1.0.0                                        -->
5<!--#                                                                                      -->
6<!--# For a detailed change log, see the README file contained in the DSP8010 bundle,      -->
7<!--# available at http://www.dmtf.org/standards/redfish                                   -->
8<!--# # Copyright 2014-2025 DMTF.                                                          -->
9<!--# For the full DMTF copyright policy, see http://www.dmtf.org/about/policies/copyright -->
10<!--################################################################################       -->
11<!---->
12<edmx:Edmx xmlns:edmx="http://docs.oasis-open.org/odata/ns/edmx" Version="4.0">
13
14  <edmx:Reference Uri="http://docs.oasis-open.org/odata/odata/v4.0/errata03/csd01/complete/vocabularies/Org.OData.Core.V1.xml">
15    <edmx:Include Namespace="Org.OData.Core.V1" Alias="OData"/>
16  </edmx:Reference>
17  <edmx:Reference Uri="http://docs.oasis-open.org/odata/odata/v4.0/errata03/csd01/complete/vocabularies/Org.OData.Capabilities.V1.xml">
18    <edmx:Include Namespace="Org.OData.Capabilities.V1" Alias="Capabilities"/>
19  </edmx:Reference>
20  <edmx:Reference Uri="http://redfish.dmtf.org/schemas/v1/Resource_v1.xml">
21    <edmx:Include Namespace="Resource"/>
22    <edmx:Include Namespace="Resource.v1_0_0"/>
23  </edmx:Reference>
24  <edmx:Reference Uri="http://redfish.dmtf.org/schemas/v1/RedfishExtensions_v1.xml">
25    <edmx:Include Namespace="RedfishExtensions.v1_0_0" Alias="Redfish"/>
26    <edmx:Include Namespace="Validation.v1_0_0" Alias="Validation"/>
27  </edmx:Reference>
28  <edmx:Reference Uri="http://redfish.dmtf.org/schemas/v1/CertificateCollection_v1.xml">
29    <edmx:Include Namespace="CertificateCollection"/>
30  </edmx:Reference>
31  <edmx:Reference Uri="http://redfish.dmtf.org/schemas/v1/Certificate_v1.xml">
32    <edmx:Include Namespace="Certificate"/>
33  </edmx:Reference>
34
35  <edmx:DataServices>
36
37    <Schema xmlns="http://docs.oasis-open.org/odata/ns/edm" Namespace="CertificateEnrollment">
38      <Annotation Term="Redfish.OwningEntity" String="DMTF"/>
39      <Annotation Term="Redfish.Language" String="en"/>
40
41      <EntityType Name="CertificateEnrollment" BaseType="Resource.v1_0_0.Resource" Abstract="true">
          <!-- Abstract, unversioned base of the CertificateEnrollment resource. It holds the resource
               descriptions, the insert/update/delete capability annotations and the URI pattern;
               the properties themselves are declared in the versioned namespace. -->
42        <Annotation Term="OData.Description" String="This resource shall represent an automatic certificate enrollment for a Redfish implementation."/>
43        <Annotation Term="OData.LongDescription" String="The `CertificateEnrollment` schema describes an automatic certificate enrollment for a specific protocol such as ACME (Automatic Certificate Management Environment) or SCEP (Simple Certificate Enrollment Protocol)."/>
          <!-- The resource is declared not insertable, but updatable and deletable.
               NOTE(review): an update or DELETE changes or removes automatic certificate renewal,
               so both are security-relevant operations; the privilege required for them is not
               defined in this file and has to be checked in the service's privilege mapping. -->
44        <Annotation Term="Capabilities.InsertRestrictions">
45          <Record>
46            <PropertyValue Property="Insertable" Bool="false"/>
47          </Record>
48        </Annotation>
49        <Annotation Term="Capabilities.UpdateRestrictions">
50          <Record>
51            <PropertyValue Property="Updatable" Bool="true"/>
52          </Record>
53        </Annotation>
54        <Annotation Term="Capabilities.DeleteRestrictions">
55          <Record>
56            <PropertyValue Property="Deletable" Bool="true"/>
57            <Annotation Term="OData.Description" String="Use the `DELETE` operation to remove automatic certificate enrollment."/>
58          </Record>
59        </Annotation>
          <!-- Single URI pattern under CertificateService at which instances are exposed. -->
60        <Annotation Term="Redfish.Uris">
61          <Collection>
62            <String>/redfish/v1/CertificateService/CertificateEnrollments/{CertificateEnrollmentId}</String>
63          </Collection>
64        </Annotation>
65      </EntityType>
66
67      <EnumType Name="EnrollmentProtocolType">
          <!-- Enrollment protocols selectable through the `EnrollmentType` property of the
               versioned CertificateEnrollment entity. -->
68        <Member Name="ACME">
69          <Annotation Term="OData.Description" String="Automatic Certificate Management Environment (ACME) protocol."/>
70          <Annotation Term="OData.LongDescription" String="This value shall indicate the enrollment uses the Automatic Certificate Management Environment (ACME) protocol as defined by RFC8555."/>
71        </Member>
72        <Member Name="SCEP">
73          <Annotation Term="OData.Description" String="Simple Certificate Enrollment Protocol (SCEP)."/>
74          <Annotation Term="OData.LongDescription" String="This value shall indicate the enrollment uses the Simple Certificate Enrollment Protocol (SCEP) protocol as defined by RFC8894."/>
75        </Member>
          <!-- NOTE(review): the versioned entity defines protocol-specific configuration only for
               ACME and SCEP, so the settings, secrets and server verification behaviour of an OEM
               enrollment are implementation-defined and need a separate review. -->
76        <Member Name="OEM">
77          <Annotation Term="OData.Description" String="OEM enrollment protocol."/>
78          <Annotation Term="OData.LongDescription" String="This value shall indicate the OEM enrollment protocol type."/>
79        </Member>
80      </EnumType>
81    </Schema>
82
83    <Schema xmlns="http://docs.oasis-open.org/odata/ns/edm" Namespace="CertificateEnrollment.v1_0_0">
84      <Annotation Term="Redfish.OwningEntity" String="DMTF"/>
85      <Annotation Term="Redfish.Release" String="2025.3"/>
86
87      <EntityType Name="CertificateEnrollment" BaseType="CertificateEnrollment.CertificateEnrollment">
          <!-- Version 1.0.0 of the resource: the configuration and status of one automatic
               certificate enrollment. Protocol secrets are declared in the ACMEConfiguration and
               SCEPConfiguration complex types, not directly on this entity. -->
          <!-- Required on create and read-only: the protocol is fixed when the enrollment is created. -->
88        <Property Name="EnrollmentType" Type="CertificateEnrollment.EnrollmentProtocolType" Nullable="false">
89          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/Read"/>
90          <Annotation Term="OData.Description" String="The configured automatic certificate enrollment protocol."/>
91          <Annotation Term="OData.LongDescription" String="This property shall contain the configured automatic certificate enrollment protocol."/>
92          <Annotation Term="Redfish.RequiredOnCreate"/>
93        </Property>
          <!-- Client-writable switch. Per the LongDescription, an omitted value in the create
               request means `false`, so a new enrollment performs no enrollment operations until
               it is explicitly enabled. -->
94        <Property Name="Enabled" Type="Edm.Boolean" Nullable="false">
95          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
96          <Annotation Term="OData.Description" String="An indication of whether this automatic certificate enrollment is enabled."/>
97          <Annotation Term="OData.LongDescription" String="This property shall indicate whether this automatic certificate enrollment is enabled.  If `true`, the implementation shall automatically enroll and renew certificates according to the configuration.  If `false`, the implementation shall not perform automatic certificate enrollment operations.  If this property is not specified by the client in the create request, it shall be assumed to be `false`."/>
98        </Property>
          <!-- Client-supplied address of the enrollment server, required on create and writable later.
               NOTE(review): the only constraint declared here is `OData.IsURL`; scheme and
               destination are not restricted. Because the service itself connects to this address,
               an implementation should validate the value against what the selected protocol and
               the deployment allow, and treat a change of ServerURI as a security-sensitive update. -->
99        <Property Name="ServerURI" Type="Edm.String" Nullable="false">
100          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
101          <Annotation Term="OData.Description" String="The URI of the certificate enrollment server."/>
102          <Annotation Term="OData.LongDescription" String="This property shall contain the URI of the certificate enrollment server that provides the automatic enrollment service."/>
103          <Annotation Term="Redfish.RequiredOnCreate"/>
104          <Annotation Term="OData.IsURL"/>
105        </Property>
           <!-- Security-relevant default: if the client omits this property on create, or the service
                does not support it, the value is assumed to be `false`, i.e. the enrollment server's
                certificate is not verified by this setting. Clients that need server authentication
                have to set `true` explicitly and should read the value back.
                NOTE(review): the LongDescription refers to a `Certificates` property; the link this
                schema defines is `CACertificates` in the Links type, presumably the intended
                target; confirm against the DMTF text. -->
106        <Property Name="VerifyCertificate" Type="Edm.Boolean">
107          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
108          <Annotation Term="OData.Description" String="An indication of whether the service will verify the certificate of the server referenced by the `ServerURI` property."/>
109          <Annotation Term="OData.LongDescription" String="This property shall indicate whether the service will verify the certificate of the server referenced by the `ServerURI` property with the certificates found in the collection referenced by the `Certificates` property.  If this property is not supported by the service or specified by the client in the create request, it shall be assumed to be `false`.  Regardless of the value of this property, services may perform additional verification based on other factors, such as the configuration of the `SecurityPolicy` resource."/>
110        </Property>
           <!-- Renewal lead time in days. A minimum of 1 is declared; no maximum is declared. -->
111        <Property Name="RenewBeforeExpiryDays" Type="Edm.Int64">
112          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
113          <Annotation Term="OData.Description" String="The number of days before certificate expiry to begin automatic renewal of the certificate."/>
114          <Annotation Term="OData.LongDescription" String="This property shall contain the number of days before certificate expiry to begin automatic renewal of the certificate."/>
115          <Annotation Term="Validation.Minimum" Int="1"/>
116        </Property>
           <!-- Protocol-specific settings; each shall be present only when `EnrollmentType`
                contains the matching value. -->
117        <Property Name="ACME" Type="CertificateEnrollment.v1_0_0.ACMEConfiguration">
118          <Annotation Term="OData.Description" String="ACME (Automatic Certificate Management Environment) protocol specific configuration for automatic certificate enrollment."/>
119          <Annotation Term="OData.LongDescription" String="This property shall contain configuration specific to the ACME protocol.  This property shall only be present when the `EnrollmentType` property contains `ACME`."/>
120        </Property>
121        <Property Name="SCEP" Type="CertificateEnrollment.v1_0_0.SCEPConfiguration">
122          <Annotation Term="OData.Description" String="SCEP (Simple Certificate Enrollment Protocol) protocol specific configuration for automatic certificate enrollment."/>
123          <Annotation Term="OData.LongDescription" String="This property shall contain configuration specific to the SCEP protocol.  This property shall only be present when the `EnrollmentType` property contains `SCEP`."/>
124        </Property>
           <!-- Subject, key and attribute values used to build the certificate signing request. -->
125        <Property Name="CSRParameters" Type="CertificateEnrollment.v1_0_0.CSRParameters">
126          <Annotation Term="OData.Description" String="The certificate signing request parameters."/>
127          <Annotation Term="OData.LongDescription" String="This property shall contain the parameters used for generating the certificate signing request."/>
128        </Property>
           <!-- Links to the target certificate collection, the enrolled certificate and the
                certificates used to verify the enrollment server. -->
129        <Property Name="Links" Type="CertificateEnrollment.v1_0_0.Links" Nullable="false">
130          <Annotation Term="OData.Description" String="The links to other resources that are related to this resource."/>
131          <Annotation Term="OData.LongDescription" String="This property shall contain links to resources that are related to but are not contained by, or subordinate to, this resource."/>
132        </Property>
           <!-- Last operation, its time and its status, as declared in the EnrollmentState type. -->
133        <Property Name="EnrollmentState" Type="CertificateEnrollment.v1_0_0.EnrollmentState">
134          <Annotation Term="OData.Description" String="The status information for this enrollment."/>
135          <Annotation Term="OData.LongDescription" String="This property shall contain the status information for this enrollment including the last operation performed and its status."/>
136        </Property>
           <!-- Action container; this version declares only the OEM sub-container. -->
137        <Property Name="Actions" Type="CertificateEnrollment.v1_0_0.Actions" Nullable="false">
138          <Annotation Term="OData.Description" String="The available actions for this resource."/>
139          <Annotation Term="OData.LongDescription" String="This property shall contain the available actions for this resource."/>
140        </Property>
141      </EntityType>
142
143      <EnumType Name="LastOperationType">
           <!-- Operations that can be reported in the `LastOperation` property of EnrollmentState.
                NOTE(review): only renewal and the ACME email update are enumerated; how an initial
                enrollment is reported is not stated here. Confirm with the implementation. -->
144        <Member Name="Renew">
145          <Annotation Term="OData.Description" String="Certificate renewal operation."/>
146        </Member>
147        <Member Name="UpdateAcmeEmail">
148          <Annotation Term="OData.Description" String="Update ACME email operation.  Applicable only when the enrollment protocol is ACME."/>
149        </Member>
150      </EnumType>
151
152      <EnumType Name="OperationStatus">
           <!-- Outcome values for the `LastOperationStatus` property of EnrollmentState.
                NOTE(review): EnrollmentState declares no reason or message property, so `Failed`
                is the only failure signal this schema exposes; monitoring for failed renewals
                presumably has to combine it with the service's own logs or events. -->
153        <Member Name="Success">
154          <Annotation Term="OData.Description" String="The operation completed successfully."/>
155        </Member>
156        <Member Name="Failed">
157          <Annotation Term="OData.Description" String="The operation failed."/>
158        </Member>
159        <Member Name="InProgress">
160          <Annotation Term="OData.Description" String="The operation is in progress."/>
161        </Member>
162        <Member Name="Unknown">
163          <Annotation Term="OData.Description" String="The operation status is unknown."/>
164        </Member>
165      </EnumType>
166
167      <EnumType Name="ACMEChallengeType">
           <!-- ACME domain-validation methods selectable through `ChallengeType` in
                ACMEConfiguration; both refer to the challenge types defined by RFC8555.
                NOTE(review): ACMEConfiguration declares no properties for serving the http-01
                response or for publishing the dns-01 record, so how either challenge is fulfilled,
                and what network exposure that requires, is implementation-defined. -->
168        <Member Name="Http01">
169          <Annotation Term="OData.Description" String="HTTP challenge type for domain validation."/>
170          <Annotation Term="OData.LongDescription" String="This value shall indicate the RFC8555-defined http-01 challenge type for domain validation."/>
171        </Member>
172        <Member Name="Dns01">
173          <Annotation Term="OData.Description" String="DNS challenge type for domain validation."/>
174          <Annotation Term="OData.LongDescription" String="This value shall indicate the RFC8555-defined dns-01 challenge type for domain validation."/>
175        </Member>
176      </EnumType>
177
178      <ComplexType Name="ACMEConfiguration">
           <!-- ACME-specific settings of an enrollment. Closed type: additional properties are
                not allowed. -->
179        <Annotation Term="OData.AdditionalProperties" Bool="false"/>
180        <Annotation Term="OData.Description" String="ACME protocol specific configuration."/>
181        <Annotation Term="OData.LongDescription" String="This type shall contain configuration specific to the ACME protocol."/>
           <!-- Account contact address; readable and writable. -->
182        <Property Name="Email" Type="Edm.String">
183          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
184          <Annotation Term="OData.Description" String="The email address for ACME account registration."/>
185          <Annotation Term="OData.LongDescription" String="This property shall contain the email address used for ACME account registration and notifications."/>
186        </Property>
           <!-- External account binding credentials: both properties are write-only and shall be
                `null` in responses, so they cannot be read back through this resource.
                NOTE(review): that requirement covers responses only. An implementation should
                also keep these values out of logs, events and configuration exports, and protect
                them at rest. -->
187        <Property Name="EABKeyId" Type="Edm.String">
188          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/Write"/>
189          <Annotation Term="OData.Description" String="The external account binding (EAB) key identifier."/>
190          <Annotation Term="OData.LongDescription" String="This property shall contain the external account binding (EAB) key identifier used for ACME account registration with certificate authorities that require EAB.  This property shall be `null` in responses."/>
191        </Property>
192        <Property Name="EABKey" Type="Edm.String">
193          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/Write"/>
194          <Annotation Term="OData.Description" String="The external account binding (EAB) key value."/>
195          <Annotation Term="OData.LongDescription" String="This property shall contain a Base64-encoded string, with padding characters, of the external account binding (EAB) key value used for ACME account registration with certificate authorities that require EAB.  This property shall be `null` in responses."/>
196        </Property>
           <!-- Domain-validation method; values come from ACMEChallengeType. -->
197        <Property Name="ChallengeType" Type="CertificateEnrollment.v1_0_0.ACMEChallengeType">
198          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
199          <Annotation Term="OData.Description" String="The ACME challenge type used for domain validation."/>
200          <Annotation Term="OData.LongDescription" String="This property shall contain the ACME challenge type used for domain validation during automatic certificate enrollment."/>
201        </Property>
202      </ComplexType>
203
204      <ComplexType Name="SCEPConfiguration">
           <!-- SCEP-specific settings of an enrollment. Closed type: additional properties are
                not allowed. -->
205        <Annotation Term="OData.AdditionalProperties" Bool="false"/>
206        <Annotation Term="OData.Description" String="SCEP protocol specific configuration."/>
207        <Annotation Term="OData.LongDescription" String="This type shall contain configuration specific to the SCEP protocol."/>
           <!-- Enrollment secret: write-only and `null` in responses.
                NOTE(review): the `ChallengePassword` property of CSRParameters in this same
                namespace is declared ReadWrite with no null-in-responses requirement; the two
                should not be confused when deciding what may be returned to clients. -->
208        <Property Name="ChallengePassword" Type="Edm.String">
209          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/Write"/>
210          <Annotation Term="OData.Description" String="The challenge password for SCEP enrollment."/>
211          <Annotation Term="OData.LongDescription" String="This property shall contain the challenge password used for SCEP enrollment.  This property shall be `null` in responses."/>
212        </Property>
213      </ComplexType>
214
215      <ComplexType Name="EnrollmentState">
           <!-- Status of an enrollment: which operation ran last, when, and with what outcome.
                Closed type; all three properties are read-only. -->
216        <Annotation Term="OData.AdditionalProperties" Bool="false"/>
217        <Annotation Term="OData.Description" String="The status information for an enrollment."/>
218        <Annotation Term="OData.LongDescription" String="This type shall contain the status information for an enrollment including the last operation performed and its status."/>
219        <Property Name="LastOperation" Type="CertificateEnrollment.v1_0_0.LastOperationType">
220          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/Read"/>
221          <Annotation Term="OData.Description" String="The last operation performed by the automatic enrollment service."/>
222          <Annotation Term="OData.LongDescription" String="This property shall contain the last operation performed by the automatic enrollment service."/>
223        </Property>
224        <Property Name="LastOperationTime" Type="Edm.DateTimeOffset">
225          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/Read"/>
226          <Annotation Term="OData.Description" String="The date and time when the last operation was performed."/>
227          <Annotation Term="OData.LongDescription" String="This property shall contain the date and time when the last operation was performed by the automatic enrollment service."/>
228        </Property>
           <!-- NOTE(review): the LongDescription below says "This enumeration" although it
                annotates a property; the sibling properties use "This property shall contain". -->
229        <Property Name="LastOperationStatus" Type="CertificateEnrollment.v1_0_0.OperationStatus">
230          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/Read"/>
231          <Annotation Term="OData.Description" String="The status of the last operation performed by automatic enrollment service."/>
232          <Annotation Term="OData.LongDescription" String="This enumeration shall describe the status of the last operation performed by automatic enrollment service."/>
233        </Property>
234      </ComplexType>
235
236      <ComplexType Name="CSRParameters">
           <!-- Client-supplied values used to build the certificate signing request: subject
                naming attributes, key parameters, key usage and PKCS #9 style attributes.
                NOTE(review): unlike ACMEConfiguration, SCEPConfiguration, EnrollmentState and
                Actions, this type carries no `OData.AdditionalProperties` annotation; confirm
                whether the omission is intentional and how the service treats unknown members. -->
237        <Annotation Term="OData.Description" String="Certificate signing request parameters."/>
238        <Annotation Term="OData.LongDescription" String="This type shall contain the parameters for generating a certificate signing request."/>
           <!-- Requested identities. These are what the client asks for; the schema places no
                constraint on them beyond the string type. -->
239        <Property Name="CommonName" Type="Edm.String" Nullable="false">
240          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
241          <Annotation Term="OData.Description" String="The fully qualified domain name of the component to secure."/>
242          <Annotation Term="OData.LongDescription" String="This property shall contain the fully qualified domain name of the component to secure, as defined by the RFC5280 'commonName' attribute."/>
243        </Property>
244        <Property Name="AlternativeNames" Type="Collection(Edm.String)">
245          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
246          <Annotation Term="OData.Description" String="The additional host names of the component to secure."/>
247          <Annotation Term="OData.LongDescription" String="This property shall contain an array of additional host names of the component to secure, as defined by the RFC5280 'subjectAltName' attribute."/>
248        </Property>
249        <Property Name="Organization" Type="Edm.String">
250          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
251          <Annotation Term="OData.Description" String="The name of the organization making the request."/>
252          <Annotation Term="OData.LongDescription" String="This property shall contain the name of the organization making the request, as defined by the RFC5280 'organizationName' attribute."/>
253        </Property>
254        <Property Name="OrganizationalUnit" Type="Edm.String">
255          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
256          <Annotation Term="OData.Description" String="The name of the unit or division of the organization making the request."/>
257          <Annotation Term="OData.LongDescription" String="This property shall contain the name of the unit or division of the organization making the request, as defined by the RFC5280 'organizationalUnitName' attribute."/>
258        </Property>
259        <Property Name="City" Type="Edm.String">
260          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
261          <Annotation Term="OData.Description" String="The city or locality of the organization making the request."/>
262          <Annotation Term="OData.LongDescription" String="This property shall contain the city or locality of the organization making the request, as defined by the RFC5280 'localityName' attribute."/>
263        </Property>
264        <Property Name="State" Type="Edm.String">
265          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
266          <Annotation Term="OData.Description" String="The state, province, or region of the organization making the request."/>
267          <Annotation Term="OData.LongDescription" String="This property shall contain the state, province, or region of the organization making the request, as defined by the RFC5280 'stateOrProvinceName' attribute."/>
268        </Property>
269        <Property Name="Country" Type="Edm.String">
270          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
271          <Annotation Term="OData.Description" String="The two-letter country code of the organization making the request."/>
272          <Annotation Term="OData.LongDescription" String="This property shall contain the two-letter ISO code for the country of the organization making the request, as defined by the RFC5280 'countryName' attribute."/>
273        </Property>
274        <Property Name="Email" Type="Edm.String">
275          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
276          <Annotation Term="OData.Description" String="The email address of the contact within the organization making the request."/>
277          <Annotation Term="OData.LongDescription" String="This property shall contain the email address of the contact within the organization making the request, as defined by the RFC2985 'emailAddress' attribute."/>
278        </Property>
           <!-- Key parameters. Algorithm and curve are free-form strings whose allowed values are
                given by reference to the TCG Algorithm Registry; the key length is an unbounded
                Int64 with no `Validation.Minimum`.
                NOTE(review): the schema therefore does not exclude weak algorithms or short keys.
                An implementation should enforce its own policy on acceptable algorithm, curve and
                key length and reject anything else. -->
279        <Property Name="KeyPairAlgorithm" Type="Edm.String">
280          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
281          <Annotation Term="OData.Description" String="The type of key-pair for use with signing algorithms."/>
282          <Annotation Term="OData.LongDescription" String="This property shall contain the type of key-pair for use with signing algorithms.  The allowable values for this property shall be the strings in the 'Algorithm Name' field of the 'TPM_ALG_ID Constants' table within the 'Trusted Computing Group Algorithm Registry'."/>
283        </Property>
284        <Property Name="KeyBitLength" Type="Edm.Int64">
285          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
286          <Annotation Term="OData.Description" String="The length of the key, in bits, if needed based on the `KeyPairAlgorithm` property value."/>
287          <Annotation Term="OData.LongDescription" String="This property shall contain the length of the key, in bits, if needed based on the `KeyPairAlgorithm` property value."/>
288        </Property>
289        <Property Name="KeyCurveId" Type="Edm.String">
290          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
291          <Annotation Term="OData.Description" String="The curve ID to use with the key, if needed based on the `KeyPairAlgorithm` property value."/>
292          <Annotation Term="OData.LongDescription" String="This property shall contain the curve ID to use with the key, if needed based on the `KeyPairAlgorithm` property value.  The allowable values for this property shall be the strings in the 'Name' field of the 'TPM_ECC_CURVE Constants' table within the 'Trusted Computing Group Algorithm Registry'."/>
293        </Property>
           <!-- Optional; when the client omits it the service may choose the key usage itself. -->
294        <Property Name="KeyUsage" Type="Collection(Certificate.KeyUsage)">
295          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
296          <Annotation Term="OData.Description" String="The usage of the key contained in the certificate."/>
297          <Annotation Term="OData.LongDescription" String="This property shall contain the usage of the key contained in the certificate.  If the client does not provide this value, the service can determine the appropriate key usage settings in the certificate signing request."/>
298        </Property>
299        <Property Name="Surname" Type="Edm.String">
300          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
301          <Annotation Term="OData.Description" String="The surname of the user making the request."/>
302          <Annotation Term="OData.LongDescription" String="This property shall contain the surname of the user making the request, as defined by the RFC5280 'surname' attribute."/>
303        </Property>
304        <Property Name="GivenName" Type="Edm.String">
305          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
306          <Annotation Term="OData.Description" String="The given name of the user making the request."/>
307          <Annotation Term="OData.LongDescription" String="This property shall contain the given name of the user making the request, as defined by the RFC5280 'givenName' attribute."/>
308        </Property>
309        <Property Name="Initials" Type="Edm.String">
310          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
311          <Annotation Term="OData.Description" String="The initials of the user making the request."/>
312          <Annotation Term="OData.LongDescription" String="This property shall contain the initials of the user making the request, as defined by the RFC5280 'initials' attribute."/>
313        </Property>
           <!-- NOTE(review): this is a password, yet it is declared ReadWrite and, unlike the
                write-only `ChallengePassword` of SCEPConfiguration, carries no requirement to be
                `null` in responses. As written, the value may be returned to any client that can
                read the resource. An implementation should treat it as a secret (redact it in
                responses and logs), and the inconsistency is worth raising with DMTF. -->
314        <Property Name="ChallengePassword" Type="Edm.String">
315          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
316          <Annotation Term="OData.Description" String="The challenge password to apply to the certificate for revocation requests."/>
317          <Annotation Term="OData.LongDescription" String="This property shall contain the challenge password to apply to the certificate for revocation requests as defined by the RFC2985 'challengePassword' attribute."/>
318        </Property>
319        <Property Name="UnstructuredName" Type="Edm.String">
320          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
321          <Annotation Term="OData.Description" String="The unstructured name of the subject."/>
322          <Annotation Term="OData.LongDescription" String="This property shall contain the unstructured name of the subject, as defined by the RFC2985 'unstructuredName' attribute."/>
323        </Property>
324        <Property Name="ContactPerson" Type="Edm.String">
325          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
326          <Annotation Term="OData.Description" String="The name of the user making the request."/>
327          <Annotation Term="OData.LongDescription" String="This property shall contain the name of the user making the request, as defined by the RFC5280 'name' attribute."/>
328        </Property>
329      </ComplexType>
330
331      <ComplexType Name="Actions">
           <!-- Action container of the resource. Closed type; this version declares no standard
                actions, only the `Oem` sub-container. -->
332        <Annotation Term="OData.AdditionalProperties" Bool="false"/>
333        <Annotation Term="OData.Description" String="The available actions for this resource."/>
334        <Annotation Term="OData.LongDescription" String="This type shall contain the available actions for this resource."/>
335        <Property Name="Oem" Type="CertificateEnrollment.v1_0_0.OemActions" Nullable="false">
336          <Annotation Term="OData.Description" String="The available OEM-specific actions for this resource."/>
337          <Annotation Term="OData.LongDescription" String="This property shall contain the available OEM-specific actions for this resource."/>
338        </Property>
339      </ComplexType>
340
341      <ComplexType Name="Links" BaseType="Resource.Links">
           <!-- Links of an enrollment: where the issued certificate is installed, the certificate
                that was enrolled, and the certificates used to verify the enrollment server. -->
342        <Annotation Term="OData.Description" String="The links to other resources that are related to this resource."/>
343        <Annotation Term="OData.LongDescription" String="This Redfish Specification-described type shall contain links to resources that are related to but are not contained by, or subordinate to, this resource."/>
           <!-- Required on create and writable: selects the certificate collection that receives
                the enrolled certificate.
                NOTE(review): the schema does not limit which collection may be named, so a change
                to this link redirects where issued certificates are installed; treat updates as
                security-sensitive. -->
344        <NavigationProperty Name="EnrolledCertificateLocation" Type="CertificateCollection.CertificateCollection">
345          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
346          <Annotation Term="OData.Description" String="The link to the certificate collection where the enrolled certificate will be installed."/>
347          <Annotation Term="OData.LongDescription" String="This property shall contain a link to a resource collection of type `CertificateCollection` where the enrolled certificate will be installed."/>
348          <Annotation Term="Redfish.RequiredOnCreate"/>
349          <Annotation Term="OData.AutoExpandReferences"/>
350        </NavigationProperty>
           <!-- Read-only link to the certificate produced by this enrollment. -->
351        <NavigationProperty Name="EnrolledCertificate" Type="Certificate.Certificate">
352          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/Read"/>
353          <Annotation Term="OData.Description" String="The link to the enrolled certificate."/>
354          <Annotation Term="OData.LongDescription" String="This property shall contain a link to the enrolled certificate."/>
355          <Annotation Term="OData.AutoExpandReferences"/>
356        </NavigationProperty>
           <!-- Certificates used to verify the enrollment server. Summary of the LongDescription:
                with `VerifyCertificate` true, the service compares the certificate presented
                during the handshake against this list, or against `EnrollmentCACertificates` of
                the CertificateService when this list is absent, and shall fail the enrollment if
                the server cannot be verified; with `VerifyCertificate` false no verification is
                performed, whatever this list contains.
                NOTE(review): the property is named CACertificates but the text speaks of "server
                certificates" that are "compared" with the presented certificate, so it is not
                stated whether entries act as pinned server certificates or as CA trust anchors
                for chain validation; confirm the implementation's behaviour.
                NOTE(review): the LongDescription reads "shall reference members the", where
                "members of the" is presumably intended. -->
357        <NavigationProperty Name="CACertificates" Type="Collection(Certificate.Certificate)">
358          <Annotation Term="OData.Permissions" EnumMember="OData.Permission/ReadWrite"/>
359          <Annotation Term="OData.Description" String="The list of server certificates for the server referenced by the `ServerURI` property."/>
360          <Annotation Term="OData.LongDescription" String="The list of references to server certificates for the server referenced by the `ServerURI` property.  Members of this array shall reference members the `EnrollmentCACertificates` property in the `CertificateService` resource.  If `VerifyCertificate` contains `true` and this property is present, services shall compare the certificates in this list with the certificate obtained during handshaking with the enrollment server in order to verify the identity of the enrollment server.  If `VerifyCertificate` contains `true` and this property is absent, services shall compare the certificates in the `EnrollmentCACertificates` property in the `CertificateService` resource with the certificate obtained during handshaking with the enrollment server.  If the server cannot be verified, the service shall fail the automatic certificate enrollment.  If `VerifyCertificate` is `false`, the service shall not perform certificate verification.  Regardless of the contents of this list and the `EnrollmentCACertificates` property in the `CertificateService` resource, services may perform additional verification based on other factors, such as the configuration of the `SecurityPolicy` resource."/>
361          <Annotation Term="OData.AutoExpandReferences"/>
362        </NavigationProperty>
363      </ComplexType>
364
365      <ComplexType Name="OemActions">
           <!-- Open container for vendor-defined actions: additional properties are allowed, so
                the schema does not describe or constrain what appears here.
                NOTE(review): each vendor action exposed on an enrollment needs its own
                authorization and input-validation review, since nothing in this file covers it. -->
366        <Annotation Term="OData.AdditionalProperties" Bool="true"/>
367        <Annotation Term="OData.Description" String="The available OEM-specific actions for this resource."/>
368        <Annotation Term="OData.LongDescription" String="This type shall contain the available OEM-specific actions for this resource."/>
369      </ComplexType>
370    </Schema>
371
372  </edmx:DataServices>
373</edmx:Edmx>
374