There are many core OAL tests that only run unsecurely that test core functionality. This is fine when testing against only the OAL's servers/routers, but in order to have the tests work against the CST the tests need to be updated to run securely.