--- /dev/null
+module o-ran-certificates {
+ yang-version 1.1;
+ namespace "urn:o-ran:certificates:1.0";
+ prefix "o-ran-cert";
+
+ import ietf-x509-cert-to-name {
+ prefix x509c2n;
+ reference
+ "RFC 7407: A YANG Data Model for SNMP Configuration";
+ }
+
+ organization "O-RAN Alliance";
+
+ contact
+ "www.o-ran.org";
+
+ description
+ "This module defines the certificates model for the O-RAN Equipment authorization.
+
+ Copyright 2022 the O-RAN Alliance.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 'AS IS'
+ AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ * Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the above disclaimer.
+ * Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the above disclaimer in the documentation
+ and/or other materials provided with the distribution.
+ * Neither the Members of the O-RAN Alliance nor the names of its
+ contributors may be used to endorse or promote products derived from
+ this software without specific prior written permission.";
+
+ revision "2022-08-15" {
+ description
+ "version 10.0.0
+
+ 1) initial version";
+
+ reference "ORAN-WG4.M.0-v10.00";
+ }
+
+ grouping cert-maps {
+ uses x509c2n:cert-to-name;
+ description
+ "The cert-maps container is used by a TLS-
+ based NETCONF server to map the NETCONF
+ client's presented X.509 certificate to
+ a NETCONF username. If no matching and
+ valid cert-to-name list entry can be found,
+ then the NETCONF server MUST close the
+ connection, and MUST NOT accept NETCONF
+ messages over it.
+ Note - when included, the /cert-to-name/name refers to the schema node
+ users/user/name in o-ran-usermgmt.yang";
+ reference
+ "RFC 7407: NETCONF over TLS, Section 7";
+ }
+
+ container certificate-parameters {
+ description
+ "Top Level Container for all certificate related parameters";
+
+ container cert-maps {
+ description
+ "Container for certificate maps";
+
+ uses cert-maps;
+ }
+ }
+}