Code: Select all
sudo nmcli connection import type openvpn file /home/gostal/Downloads/vpn/Integrity_OpenVPN_v3/Bahnhof.ovpn
Code: Select all
Connection 'Bahnhof' (a58b19a0-9537-45a3-912b-dc8b4e1eac40) successfully added.
https://bugzilla.redhat.com/show_bug.cgi?id=1074830 .
The selinux troubleshooter gave me precisely this and I tried moving the certificate but I still get the same message about the mismatched password. So then I tried to switch selinux off by entering setenforce 0 as root. That did not help.
Same thing happens if I try to connect after having supplied the connection password.
All efforts above according to posts here and there in various fora. So what is going on here?
My best guess is that this has to do with my user being authenticated by an LDAP-server. If so what should I do? Is it possible to solve this problem for this user? Must I create a locally authenticated user? If so does it suffice to do what the selinux troubleshooter suggests:
Code: Select all
SELinux is preventing /usr/sbin/openvpn from open access on the file /home/gostal/Downloads/vpn/Integrity_OpenVPN_v3/ca.crt.
***** Plugin openvpn (47.5 confidence) suggests ***************************
If you want to mv ca.crt to standard location so that openvpn can have open access
Then you must move the cert file to the ~/.cert directory
Do
# mv /home/gostal/Downloads/vpn/Integrity_OpenVPN_v3/ca.crt ~/.cert
# restorecon -R -v ~/.cert
***** Plugin openvpn (47.5 confidence) suggests ***************************
If you want to modify the label on ca.crt so that openvpn can have open access on it
Then you must fix the labels.
Do
# semanage fcontext -a -t home_cert_t /home/gostal/Downloads/vpn/Integrity_OpenVPN_v3/ca.crt
# restorecon -R -v /home/gostal/Downloads/vpn/Integrity_OpenVPN_v3/ca.crt
Thanks for any help.
Cheers,
gostal