OpenVPN: Buggy config dialog for "Password with Certificates (TLS)" authentication
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
network-manager (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
For an OpenVPN connection, the "VPN" tab of the configuration dialog is buggy when choosing "Password with Certificates (TLS)" authentication. Choosing a certificate file for one of the three User|CA|Private sometimes clears, sometimes sets the entries for the two other certificates that are not affected. Also, a passphrase for the private key is mandatory but shouldn't be.
Another option is to use one single PKCS#12 certificate (--pkcs12 switch for /usr/sbin/openvpn). It took me two hours to figure out that the .p12 file I was given actually can be converted to three .pem files using these commands:
openssl pkcs12 -nocerts -in YOUR_CERT.p12 -out userkey.pem
openssl pkcs12 -nokeys -clcerts -in YOUR_CERT.p12 -out usercert.pem
openssl pkcs12 -nokeys -cacerts -in YOUR_CERT.p12 -out userca.pem
(taken from http://
Status changed to 'Confirmed' because the bug affects multiple users.