With the popularity of ACME clients providing access to free "official" TLS certs some users want to make use of those with strongSwan. The too restrictive AppArmor policy caused grief to some users which reported about it on the upstream mailing list:
https://lists.strongswan.org/pipermail/users/2017-February/010537.html https://lists.strongswan.org/pipermail/users/2021-October/015121.html
Signed-off-by: Simon Deziel simon@sdeziel.info