/testing/guestbin/swan-prep --x509
Preparing X.509 files
east #
 certutil -D -n west -d sql:/etc/ipsec.d
east #
 ipsec start
Redirecting to: [initsystem]
east #
 /testing/pluto/bin/wait-until-pluto-started
east #
 # remove CA cert
east #
 certutil -D -d sql:/etc/ipsec.d -n "Libreswan test CA for mainca - Libreswan"
east #
 ipsec auto --add ikev2-westnet-eastnet-x509-cr
002 added connection description "ikev2-westnet-eastnet-x509-cr"
east #
 echo "initdone"
initdone
east #
 hostname | grep east > /dev/null && grep -E ": ERROR:|: X509:" /tmp/pluto.log
"ikev2-westnet-eastnet-x509-cr" #1: ERROR: Peer's Certificate issuer is not recognized.
"ikev2-westnet-eastnet-x509-cr" #1: X509: Certificate rejected for this connection
"ikev2-westnet-eastnet-x509-cr" #1: X509: CERT payload bogus or revoked
east #
east #
 ../bin/check-for-core.sh
east #
 if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi