fixed test scenarios

testing/tests/ikev2/crl-ldap/description.txt

@@ -1,6 +1,6 @@
 By setting <b>strictcrlpolicy=yes</b> a <b>strict CRL policy</b> is enforced on
 both roadwarrior <b>carol</b> and gateway <b>moon</b>. Thus when <b>carol</b> initiates
 the connection and only an expired CRL cache file in <b>/etc/ipsec.d/crls</b> is
-availabl, an ldap fetch to get the CRL from the LDAP server <b>winnetou</b> is
+available, an ldap fetch to get the CRL from the LDAP server <b>winnetou</b> is
 successfully started and the IKE authentication completes. The new CRL is again
 cached locally as a file in <b>/etc/ipsec.d/crls</b> due to the <b>cachecrls=yes</b> option.

testing/tests/ikev2/crl-ldap/hosts/moon/etc/ipsec.conf

@@ -8,7 +8,7 @@ config setup
 
 ca strongswan
 	cacert=strongswanCert.pem
-	crluri="ldap://ldap1.strongswan.org/cn=strongSwan Root CA, o=Linux strongSwan, c=CH?certificateRevocationList"
+	crluri="ldap://ldap.strongswan.org/cn=strongSwan Root CA, o=Linux strongSwan, c=CH?certificateRevocationList"
 	auto=add
 
 conn %default

testing/tests/ikev2/ocsp-multi-level/hosts/carol/etc/ipsec.conf

@@ -2,7 +2,7 @@
 
 config setup
 	crlcheckinterval=180
-	strictcrlpolicy=no
+	strictcrlpolicy=yes
 	plutostart=no
 
 ca strongswan

testing/tests/ikev2/ocsp-multi-level/hosts/dave/etc/ipsec.conf

@@ -2,7 +2,7 @@
 
 config setup
 	crlcheckinterval=180
-	strictcrlpolicy=no
+	strictcrlpolicy=yes
 	plutostart=no
 
 ca strongswan