networkmanager-openvpn does not support pkcs12

is this still a problem with NM 0.7 that we ship in intrepid?

Yes :)

Not only "Yes", but is there some manual workaround for it? My understanding of certificates is on-par with my understanding of how network television shows are picked. :)

NetworkManager (0.7) mentions a "User Certificate", is this what they're talking about?

On Sun, Dec 28, 2008 at 8:52 AM, WheelDweller <email address hidden> wrote:
> Not only "Yes", but is there some manual workaround for it? My
> understanding of certificates is on-par with my understanding of how
> network television shows are picked. :)
>
> NetworkManager (0.7) mentions a "User Certificate", is this what they're
> talking about?

  There is no manual workaround except using openvpn from the command
line. Basically, in order to connect to an OpenVPN server using
certificates, you need to things: a user certifiate (obviously) and
the associated "private key" that goes with the certificate. OpenVPN
enables you to specify these two elements either as two separate files
(cert file and key file), or as a single standardised (PKCS#12) bundle
that contains both certifiate and private key and is usually protected
by a password. The idea is to add an option to choose either PKCS#12
or Certificate + key files in the configuration dialog.

   As a sidenote, using P12 is much more convenient, and is, to the
best of my knowledge, the most common way of handling
certificate+private key short of storing them in a smart card or
security dongle.

Alexander Sack wrote:
> is this still a problem with NM 0.7 that we ship in intrepid?
>
>
i think this might be fixed in final 0.7 ... its available for intrepid
and jaunty in NM team ppa:
https://edge.launchpad.net/~network-manager/+archive

can you confirm?

WheelDweller wrote:
> Not only "Yes", but is there some manual workaround for it?
workaround :
http://keystoneit.wordpress.com/2007/11/08/ubuntu-network-manager-and-openvpn/

> My
> understanding of certificates is on-par with my understanding of how
> network television shows are picked. :)
> NetworkManager (0.7) mentions a "User Certificate", is this what they're
> talking about?
>
>

 NM 0.7.0 as shipped in Intrepid still only supports separate user
cert & key file, no possibility to use a P12 file as is - other than
split it manually as described in another reply.

Ed

On Sun, Dec 28, 2008 at 2:31 PM, Alexander Sack <email address hidden> wrote:
> Alexander Sack wrote:
>> is this still a problem with NM 0.7 that we ship in intrepid?
>>
>>
> i think this might be fixed in final 0.7 ... its available for intrepid
> and jaunty in NM team ppa:
> https://edge.launchpad.net/~network-manager/+archive
>
> can you confirm?
>
> --
> networkmanager-openvpn does not support pkcs12
> https://bugs.launchpad.net/bugs/225133
> You received this bug notification because you are a direct subscriber
> of the bug.
>

I am setting up an OpenVPN connection right now and I had to Google to get this page to get the instructions that are linked to this page in oder to get Network Manager to work.

It would be much easier to include .p12 support. :)

Mainly posting to subscribe to this 'bug'.

In addition to supporting .P12 files, it would be soooo cool to support .ovpn files (generated by things like IPCop) to automagically import settings such as gateway, cypher, etc.. This is what the OpenVPN client for Windows does, and it's really slick. :)