Both the roadwarrior <b>carol</b> and the gateway <b>moon</b> generate a
PKCS#1 RSA private key and a PKCS#10 certificate request using the 
<b>ipsec scepclient</b> function. Because the UML testing environment
does not offer enough entropy, the non-blocking /dev/urandom device is
used in place of /dev/random for generating the random primes.
<p>
The certificate requests are copied to <b>winnetou</b> where a certification
authority based on OpenSSL issues X.509 certificates by verifying and
signing the PCKS#10 requests. The certificates are then copied back to
the corresponding hosts and used to set up a road warrior connection
initiated by <b>carol</b>