unable to import config with inlined ca, cert, key or tls-auth
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
NetworkManager-OpenVPN |
Fix Released
|
Medium
|
|||
plasma-nm |
Fix Released
|
High
|
|||
network-manager-openvpn (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
plasma-nm (Ubuntu) |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Binary package hint: network-
So a client of mine runs an OpenVPN setup. It exported a client.ovpn file but it fails to completely import this file using the network-manager (gnome) on Ubuntu 10.04.
When I import the file, it gives me the name ("client") and gateway ("vpn.example.org") on the initial screen. No other fields are populated even though the client.ovpn file also includes a user certificate, server certifikate and a private key.
When I go to advanced, some (most) of the settings obviously seem to import correct, others not at all. E.g. none of the TLS settings (key and key direction) are imported.
From what I understand I should be able to use this without any additional settings.
The following software is installed through aptitude:
* openvpn (2.1.0)
* openvpn-blacklist
* network-
* network-
Changed in network-manager-openvpn (Ubuntu): | |
status: | New → Confirmed |
summary: |
- client.ovpn file is not completely imported + unable to import config with inlined ca, cert, key or tls-auth |
Changed in network-manager-openvpn: | |
importance: | Undecided → Unknown |
status: | New → Unknown |
Changed in network-manager-openvpn: | |
importance: | Unknown → Medium |
status: | Unknown → Confirmed |
Changed in network-manager-openvpn: | |
status: | Confirmed → Fix Released |
Changed in network-manager-openvpn (Ubuntu): | |
importance: | Undecided → Medium |
importance: | Medium → High |
tags: |
added: xenial removed: network-manager openvpn |
affects: | network-manager-openvpn (Fedora) → plasma-nm |
Changed in plasma-nm: | |
importance: | Undecided → Unknown |
status: | New → Unknown |
Changed in plasma-nm: | |
importance: | Unknown → High |
status: | Unknown → New |
Changed in plasma-nm: | |
status: | New → Fix Released |
I wanted to share the configuration (dummy):
remote vpn.example.org
client
proto tcp
port 443
dev tun
ns-cert-type server
auth-user-pass
auth-retry interact
comp-lzo
verb 3
<ca>
-----BEGIN CERTIFICATE-----
FOO
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
FOO
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN RSA PRIVATE KEY-----
FOO
-----END RSA PRIVATE KEY-----
</key>
key-direction 1
<tls-auth>
#
# 2048 bit OpenVPN static key (Server Agent)
#
-----BEGIN OpenVPN Static key V1-----
FOO
-----END OpenVPN Static key V1-----
</tls-auth>
So the quickfix here is that you can dissect the file and import it all once you figured out the corresponding dropdown/whatever in the network manager. So for example in the example above I needed to select "Passwords with certificates (TLS)" and enter another user/pass along with it, no password for the key and also the TLS key and direction in advanced.
One more note - the following settings seemed to get imported:
proto, port, comp-lzo, remote
The rest was ignored.
I hope this helps.