User story: As an OpenShift administrator, I want to securely connect my OpenShift cluster to a Single Node OpenShift (SNO) instance using nmstate to configure IPSec connections with certificate-based authentication, So that I can ensure secure communication channels between my cluster and SNO, leveraging mutual TLS for authentication. Acceptance criteria: Given a system with NetworkManager-libreswan installed, When a network administrator configures an IPSec connection specifying both leftcert and rightcert parameters for certificate-based authentication, Then NetworkManager-libreswan should successfully recognize and apply the rightcert parameter.  Definition of Done: The implementation meets the acceptance criteria Unit test and integration test are written and pass The code is part of a downstream build attached to an errata The code is backported into RHEL-9.2 The release note text is filled   AC and QE test alignment : The CI test added in https://gitlab.freedesktop.org/NetworkManager/NetworkManager-ci/-/merge_requests/1674 aligns well with the acceptance criteria provided above as it includes the setup and configuration steps (Imports the server certificate into local database, adds VPN connection with `leftcert` and `rightcert` and brings up the connection and verifies the connection state and associated routes. 

.The `NetworkManager-libreswan` plugin supports the `rightcert` option You can use the `rightcert` option when configuring Libreswan connections through NetworkManager. With this option, you can authenticate the "right" side participant of the IPsec (Internet Protocol Security) connection using a certificate.