I did find this bug, which is maddeningly still unfixed since August. I’ll give it a test once I get a few other things straightened out.
https://bugzilla.ipfire.org/show_bug.cgi?id=12672
Thanks to this forum post: Possible bug? IPsec certificate export problem since Core Update 158