modified description.txt and evaltest.dat

4 files changed, 8 insertions, 6 deletions

diff --git a/testing/tests/ikev2/ocsp-revoked/description.txt b/testing/tests/ikev2/ocsp-revoked/description.txt
index ead076a04..73d072549 100644
--- a/testing/tests/ikev2/ocsp-revoked/description.txt
+++ b/testing/tests/ikev2/ocsp-revoked/description.txt
@@ -1,7 +1,7 @@
 By setting <b>strictcrlpolicy=yes</b>, a <b>strict</b> CRL policy is enforced on
 both roadwarrior <b>carol</b> and gateway <b>moon</b>. The online certificate status
 is checked via the OCSP server <b>winnetou</b> which possesses an OCSP signer certificate
-issued by the strongSwan CA. This certificate contains an <b>OCSPSigner</b>
+issued by the strongSwan CA. This certificate contains an <b>OCSPSigning</b>
 extended key usage flag. A strongswan <b>ca</b> section in ipsec.conf defines an
 <b>OCSP URI</b> pointing to <b>winnetou</b>.
 <p>
diff --git a/testing/tests/ikev2/ocsp-revoked/evaltest.dat b/testing/tests/ikev2/ocsp-revoked/evaltest.dat
index 1d9d760cd..eacb70c40 100644
--- a/testing/tests/ikev2/ocsp-revoked/evaltest.dat
+++ b/testing/tests/ikev2/ocsp-revoked/evaltest.dat
@@ -1,6 +1,6 @@
-moon::ipsec listocspcerts::altNames.*ocsp.strongswan.org::YES
 moon::cat /var/log/daemon.log::received valid http response::YES
-moon::cat /var/log/daemon.log::certificate was revoked::YES
+moon::cat /var/log/daemon.log::received ocsp signer certificate is trusted::YES
+moon::ipsec listocspcerts::altNames.*ocsp.strongswan.org::YES
 carol::cat /var/log/daemon.log::received AUTHENTICATION_FAILED notify error::YES
 moon::ipsec status::rw.*ESTABLISHED::NO
 carol::ipsec status::home.*ESTABLISHED::NO
diff --git a/testing/tests/ikev2/ocsp-signer-cert/description.txt b/testing/tests/ikev2/ocsp-signer-cert/description.txt
index 300d75a62..492a9882b 100644
--- a/testing/tests/ikev2/ocsp-signer-cert/description.txt
+++ b/testing/tests/ikev2/ocsp-signer-cert/description.txt
@@ -1,7 +1,7 @@
 By setting <b>strictcrlpolicy=yes</b>, a <b>strict</b> CRL policy is enforced on
 both roadwarrior <b>carol</b> and gateway <b>moon</b>. The online certificate status
 is checked via the OCSP server <b>winnetou</b> which possesses an OCSP signer certificate
-issued by the strongSwan CA. This certificate contains an <b>OCSPSigner</b>
+issued by the strongSwan CA. This certificate contains an <b>OCSPSigning</b>
 extended key usage flag. <b>carol</b>'s certificate includes an <b>OCSP URI</b>
 in an authority information access extension pointing to <b>winnetou</b>. 
 Therefore no special ca section information is needed in ipsec.conf.
diff --git a/testing/tests/ikev2/ocsp-signer-cert/evaltest.dat b/testing/tests/ikev2/ocsp-signer-cert/evaltest.dat
index ffe9c5515..4a8ffd412 100644
--- a/testing/tests/ikev2/ocsp-signer-cert/evaltest.dat
+++ b/testing/tests/ikev2/ocsp-signer-cert/evaltest.dat
@@ -1,9 +1,11 @@
-moon::ipsec listocspcerts::altNames.*ocsp.strongswan.org::YES
-carol::ipsec listocspcerts::altNames.*ocsp.strongswan.org::YES
 moon::ipsec listcainfos::ocspuris.*http://ocsp.strongswan.org::YES
 carol::ipsec listcainfos::ocspuris.*http://ocsp.strongswan.org::YES
 moon::cat /var/log/daemon.log::received valid http response::YES
 carol::cat /var/log/daemon.log::received valid http response::YES
+moon::cat /var/log/daemon.log::received ocsp signer certificate is trusted::YES
+carol::cat /var/log/daemon.log::received ocsp signer certificate is trusted::YES
+moon::ipsec listocspcerts::altNames.*ocsp.strongswan.org::YES
+carol::ipsec listocspcerts::altNames.*ocsp.strongswan.org::YES
 moon::cat /var/log/daemon.log::certificate is good::YES
 carol::cat /var/log/daemon.log::certificate is good::YES
 moon::ipsec status::rw.*ESTABLISHED::YES