On 02/18/17 14:38, InvalidPath wrote: > Well thats just it.. on linux IDK where the correct location is. I > tried placing it and the ca.crt in the same folder, then specifying > the entire path in the .ovpn and both times the gui prompted me, do I > want to copy them to /home/user/etc/etc and I chose yes. But the > connection times out in either case. First of all.... Many people on this list, myself included, would appreciate it if you'd put your responses below the text is the reply. It makes for easier reading With Networkmanager it is best to put them under their own directory under... ~/.local/share/networkmanagement/certificates For example..... [egreshko@meimei certificates]$ pwd /home/egreshko/.local/share/networkmanagement/certificates [egreshko@meimei certificates]$ ls AU-Sydney-S1 US-Los-Angeles-S3 US-San-Jose-S1 US-Kansas-City-S1 US-New-York-City-S1 US-Seattle-S1 Showing I have 6 connections defined. [egreshko@meimei certificates]$ ls -Z US-Kansas-City-S1 unconfined_u:object_r:home_cert_t:s0 ca.crt unconfined_u:object_r:home_cert_t:s0 cert.crt unconfined_u:object_r:home_cert_t:s0 private.key unconfined_u:object_r:home_cert_t:s0 tls_auth.key Shows the key files for that one connection and their selinux contents. Do Not "move" the cert files to their new locations but copy them. If you move them they will not have the selinux context and you'll have to take a second step to restore the context. Then, when you try connecting you should check the journal (using journalctl) to see if the connection is made and/or if there are any errors. A successful connection would look like something similar to this.... [egreshko@meimei ~]$ cat openvpn Feb 18 17:03:56 meimei.greshko.com nm-openvpn[32673]: OpenVPN 2.3.14 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Dec 7 2016 Feb 18 17:03:56 meimei.greshko.com nm-openvpn[32673]: library versions: OpenSSL 1.0.2k-fips 26 Jan 2017, LZO 2.08 Feb 18 17:03:56 meimei.greshko.com nm-openvpn[32673]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Feb 18 17:03:56 meimei.greshko.com nm-openvpn[32673]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Feb 18 17:03:56 meimei.greshko.com nm-openvpn[32673]: Control Channel Authentication: using '/home/egreshko/.local/share/networkmanagement/certificates/US-Seattle-S1/tls_auth.key' as a OpenVPN static key file Feb 18 17:03:57 meimei.greshko.com nm-openvpn[32673]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay Feb 18 17:03:57 meimei.greshko.com nm-openvpn[32673]: UDPv4 link local: [undef] Feb 18 17:03:57 meimei.greshko.com nm-openvpn[32673]: UDPv4 link remote: [AF_INET]69.4.227.18:53 Feb 18 17:04:00 meimei.greshko.com nm-openvpn[32673]: [isvpn.net] Peer Connection Initiated with [AF_INET]69.4.227.18:53 Feb 18 17:04:02 meimei.greshko.com nm-openvpn[32673]: Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:2: topology-subnet (2.3.14) Feb 18 17:04:02 meimei.greshko.com nm-openvpn[32673]: Options error: option 'mssfix' cannot be used in this context ([PUSH-OPTIONS]) Feb 18 17:04:02 meimei.greshko.com nm-openvpn[32673]: Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:6: dhcp-pre-release (2.3.14) Feb 18 17:04:02 meimei.greshko.com nm-openvpn[32673]: Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:7: dhcp-renew (2.3.14) Feb 18 17:04:02 meimei.greshko.com nm-openvpn[32673]: Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:8: dhcp-release (2.3.14) Feb 18 17:04:02 meimei.greshko.com nm-openvpn[32673]: Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:14: register-dns (2.3.14) Feb 18 17:04:02 meimei.greshko.com nm-openvpn[32673]: Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:15: block-ipv6 (2.3.14) Feb 18 17:04:02 meimei.greshko.com nm-openvpn[32673]: TUN/TAP device tun0 opened Feb 18 17:04:02 meimei.greshko.com nm-openvpn[32673]: /usr/libexec/nm-openvpn-service-openvpn-helper --debug 0 32667 --bus-name org.freedesktop.NetworkManager.openvpn.Connection_9 --tun -- tun0 1500 1570 25.0.8.4 255.255.255.0 init Feb 18 17:04:07 meimei.greshko.com nm-openvpn[32673]: GID set to nm-openvpn Feb 18 17:04:07 meimei.greshko.com nm-openvpn[32673]: UID set to nm-openvpn Feb 18 17:04:07 meimei.greshko.com nm-openvpn[32673]: Initialization Sequence Completed Feb 18 17:04:12 meimei.greshko.com nm-openvpn[32673]: SIGTERM received, sending exit notification to peer Feb 18 17:04:13 meimei.greshko.com nm-openvpn[32673]: SIGTERM[soft,exit-with-notification] received, process exiting -- Fedora Users List - The place to go to get others to do the work for you _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
