This is a serious problem compromising the security of OpenVPN on Linux. Every time I try to use crl-verify I get the following error:
nm-openvpn[3957]: Options error: --crl-verify fails with '/var/lib/openvpn/chroot/[insert path to pem file selected here]': No such file or directory (errno=2) The network manager cannot find the specified .pem file because for some reason the path is being prepended with "/var/lib/openvpn/chroot/". This bug needs to be fixed ASAP, I had no idea this was an issue until "upgrading" to this broken version of the network manager in Ubuntu 20.04. This bug is completely unacceptable and frankly ridiculous in that it has not been fixed or addressed. Please fix this issue. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to network-manager-openvpn in Ubuntu. https://bugs.launchpad.net/bugs/1835644 Title: CRL files are not accessible for the Verify CRL options Status in network-manager-openvpn package in Ubuntu: Confirmed Bug description: Hello, The Network Manager GUI options 'Verify CRL from file' and 'Verify CRL from directory' won't work because the openvpn process cannot access the files since being run with chroot, so the connection fails: nm-openvpn[5069]: chroot to '/var/lib/openvpn/chroot' and cd to '/' succeeded nm-openvpn[6135]: Options error: --crl-verify fails with '/var/lib/openvpn/chroot//home/steve/VPN/config/crl.rsa.4096.pem': No such file or directory (errno=2) Thanks. Ubuntu 19.04 network-manager-openvpn, network-manager-openvpn-gnome 1.8.10-1 openvpn 2.4.6-1ubuntu3.1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/1835644/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
