testing: Use a single OCSP responder for ikev2-multi-ca/ocsp-signers scenario

This demonstrates the multi-CA capabilities of the pki --ocsp command.

testing/tests/ikev2-multi-ca/ocsp-signers/hosts/moon/etc/swanctl/swanctl.conf

@@ -11,11 +11,11 @@ connections {
       remote {
          auth = pubkey
          cacerts = researchCert.pem
-         revocation = ifuri 
+         revocation = ifuri
       }
       children {
          alice {
-            local_ts  = 10.1.0.10/32 
+            local_ts  = 10.1.0.10/32
             esp_proposals = aes128-sha256-ecp256
          }
       }
@@ -34,7 +34,7 @@ connections {
       remote {
          auth = pubkey
          cacerts = salesCert.pem
-         revocation = ifuri 
+         revocation = ifuri
       }
       children {
          venus {
@@ -56,11 +56,11 @@ authorities {
 
    research {
       cacert = researchCert.pem
-      ocsp_uris = http://ocsp.strongswan.org:8881
+      ocsp_uris = http://ocsp.strongswan.org:8880
    }
 
    sales {
       cacert = salesCert.pem
-      ocsp_uris = http://ocsp.strongswan.org:8882
+      ocsp_uris = http://ocsp.strongswan.org:8880
    }
 }

testing/tests/ikev2-multi-ca/ocsp-signers/hosts/winnetou/etc/ca/ocsp/ocsp.cgi

@@ -0,0 +1,15 @@
+#!/bin/bash
+
+cd /etc/ca
+
+echo "Content-type: application/ocsp-response"
+echo ""
+
+cat | pki --ocsp --respond \
+		  --cacert strongswanCert.pem --index index.txt \
+		  --cert ocspCert.pem --key ocspKey.pem \
+		  --cacert research/researchCert.pem --index research/index.txt \
+		  --cert research/ocspCert.pem --key research/ocspKey.pem \
+		  --cacert sales/salesCert.pem --index sales/index.txt \
+		  --cert sales/ocspCert.pem --key sales/ocspKey.pem \
+		  --lifetime 5 --debug 0