/testing/guestbin/swan-prep --x509
Preparing X.509 files
east #
 ipsec certutil -D -n west
east #
 ipsec start
Redirecting to: [initsystem]
east #
 ../../guestbin/wait-until-pluto-started
east #
 # down'ed conn must remain down
east #
 ipsec whack --impair revival
east #
 ipsec auto --add san
"san": added IKEv2 connection
east #
 echo "initdone"
initdone
east #
 # confirm all verifications used the NSS IPsec profile and not TLS client/server profile
east #
 grep profile /tmp/pluto.log  | grep -v Starting
| verify_end_cert trying profile IPsec
| certificate is valid (profile IPsec)
| verify_end_cert trying profile IPsec
| certificate is valid (profile IPsec)
| verify_end_cert trying profile IPsec
| certificate is valid (profile IPsec)
| verify_end_cert trying profile IPsec
| certificate is valid (profile IPsec)
| verify_end_cert trying profile IPsec
| certificate is valid (profile IPsec)
| verify_end_cert trying profile IPsec
| certificate is valid (profile IPsec)
| verify_end_cert trying profile IPsec
| certificate is valid (profile IPsec)
| verify_end_cert trying profile IPsec
| certificate is valid (profile IPsec)
| verify_end_cert trying profile IPsec
| certificate is valid (profile IPsec)
| verify_end_cert trying profile IPsec
| certificate is valid (profile IPsec)
| verify_end_cert trying profile IPsec
| certificate is valid (profile IPsec)
| verify_end_cert trying profile IPsec
| certificate is valid (profile IPsec)
| verify_end_cert trying profile IPsec
| certificate is valid (profile IPsec)
| verify_end_cert trying profile IPsec
| certificate is valid (profile IPsec)
| verify_end_cert trying profile IPsec
| certificate is valid (profile IPsec)
| verify_end_cert trying profile IPsec
| certificate is valid (profile IPsec)
east #
 
