/testing/guestbin/swan-prep --x509
Preparing X.509 files
east #
 certutil -D -n west -d sql:/etc/ipsec.d
east #
 ipsec start
Redirecting to: [initsystem]
east #
 /testing/pluto/bin/wait-until-pluto-started
east #
 # remove CA cert
east #
 certutil -D -d sql:/etc/ipsec.d -n "Libreswan test CA for mainca - Libreswan"
east #
 # insert a different CAcert to avoid NSS aborting for having no CA at all
east #
 pk12util -W foobar -K '' -d sql:/etc/ipsec.d -i /testing//x509/pkcs12/badca/badeast.p12
pk12util: PKCS12 IMPORT SUCCESSFUL
east #
 ipsec auto --add ikev2-westnet-eastnet-x509-cr
002 "ikev2-westnet-eastnet-x509-cr": added IKEv2 connection
east #
 echo "initdone"
initdone
east #
 hostname | grep east > /dev/null && grep -E "no Certificate Authority in NSS Certificate DB|authentication using rsasig failed" /tmp/pluto.log
"ikev2-westnet-eastnet-x509-cr" #1: no Certificate Authority in NSS Certificate DB! certificate payloads discarded
"ikev2-westnet-eastnet-x509-cr" #1: Digital Signature authentication using rsasig failed in I2 Auth Payload
east #
 ../bin/check-for-core.sh
east #
 if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi
east #
 
