Comment 27 for bug 230197

Patrik Karlsson (patrik-cqure) wrote :

I have created a small kludge of a patch for the openssl-vulnkey issue mentioned in this thread. It's far from perfect and not supported/endorsed by Ubuntu in any way.
Basically I have implemented the ideas of Mihai and created a whitelist solution. The whitelist file is stored here: /usr/share/openssl-blacklist/whitelist

Once the openssl-vulnkey app is run as root (due to file permissions of /usr/share/openssl-blacklist/) it verifies the key. If it's not blacklisted it adds the key to the whitelist.
So e.g. running: "sudo openssl-vulnkey /home/patrik/key.pem" will (after typing the password 3 times) add the key "key.pem" to the whitelist.
Each time the openssl-vulnkey app is run it first checks this whitelist file for the presence of the key against which it is being run.

Again, this is a kludge and in NO WAY an attempt to deliver a FINAL solution. I created it ONLY to save some typing time and be able to run OpenVPN through the NetworkManager applet again.
I thought I would post it here if someone would like to give it a go. In case you decide to do so, first back up the /usr/sbin/openssl-vulnkey file and then apply the patch:

sudo patch < openssl-vulnkey.patch

/Patrik