Bugzilla – Bug 1214415
Network Manager can not import a *.ovpn file with pkcs12
Last modified: 2023-10-19 08:54:59 UTC
Hello, In my opinion, this is a regression, because in openSUSE 15.4 and earlier there was no such problem, and this very Network Manager bug was reported in 2019 and then resolved. Here's what happens when trying to create an OpenVPN setup by importing an *.ovpn file containing the following line: "pkcs12 my_access.p12" An error message was displayed and the OpenVPN connection was not established at all. However, if I manually import the file and run the connection from the command line, the tunnel builds and works perfectly. I suggest checking this out and I think the problem can be solved by using the source code from a previous version of Network Manager that does not exhibit this problem.
(In reply to Krasimir Ivanov from comment #0) > Hello, > In my opinion, this is a regression, because in openSUSE 15.4 and earlier > there was no such problem, and this very Network Manager bug was reported in > 2019 and then resolved. > Here's what happens when trying to create an OpenVPN setup by importing an > *.ovpn file containing the following line: "pkcs12 my_access.p12" > An error message was displayed and the OpenVPN connection was not > established at all. > However, if I manually import the file and run the connection from the > command line, the tunnel builds and works perfectly. > I suggest checking this out and I think the problem can be solved by using > the source code from a previous version of Network Manager that does not > exhibit this problem. Can you share a screenshot of the error message when importing a .ovpn file?
Please see description of this issue in Gnome from https://gitlab.gnome.org/GNOME/NetworkManager-openvpn/-/issues/83 This very problem is described in detail there. I saw the problem on a customer computer and now I can't access that computer. Unfortunately, I don't have a chance to take a screenshot of the error message. Then I found a way around the problem by commenting out the .ovpn file, deleting the line that says "pkcs12 my_access.p12" and putting a definition for a fake TLS. Then I manually changed the settings of the thus imported connection by specifying the location of the corresponding pkcs12 certificate in the NetworkManager GUI. After that, this connection worked normally and the customer works with it every day.
It turns out that the version we are shipping in Leap 15.5 doesn't include the upstream fix for this issue. I just backported the patch and here is the updated package. If possible, can you help test whether it works? To test the new package, install NetworkManager-openvpn and NetworkManager-openvpn-gnome from the following repo. * https://download.opensuse.org/repositories/home:/JonathanKang:/branches:/openSUSE:/Leap:/15.5:/Update/standard
Closing this for now. If you're still experiencing this issue with the fix, feel free to reopen this bug report.
SUSE-RU-2023:4123-1: An update that has one fix can now be installed. Category: recommended (moderate) Bug References: 1214415 Sources used: SUSE Package Hub 15 15-SP4 (src): NetworkManager-openvpn-1.8.16-150400.3.3.2 SUSE Package Hub 15 15-SP5 (src): NetworkManager-openvpn-1.8.16-150400.3.3.2 SUSE Linux Enterprise Workstation Extension 15 SP4 (src): NetworkManager-openvpn-1.8.16-150400.3.3.2 SUSE Linux Enterprise Workstation Extension 15 SP5 (src): NetworkManager-openvpn-1.8.16-150400.3.3.2 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.