On Fri, 2012-08-31 at 17:30 -0400, Dan Kane wrote: > I can successfully connect to my VPN via the cmdline using: > > sudo openconnect -c certfile.p12 vpn.mydomain.com > > It asks for the PKCS#12 pass phrase, then username/password and I'm in > like a dirty shirt ;) > > Yet when I try to configure a VPN connection using the Fedora17 > NetworkManager UI - having converted my PKCS#12 into a .pem file - it > always fails to connect, saying "The VPN connection 'VPN' failed because > there were no valid VPN secrets". > > FWIW, I converted my .p12 into a .pem using (OpenSSL 1.0.0j-fips): > > openssl pkcs12 -nodes -in certfile.p12 -out certfile.pem > > I use certfile.pem as my "User Certificate" in the NM UI. That seems sane. I take it your certfile.pem also works from the command line? > Perhaps this is really a Fedora forum question, but I figured that you > would have experience of how openconnect can fail in various > environments. Any ideas why? Absolutely *not* a Fedora forum question; thanks for asking it here. The other appropriate place would be Fedora bugzilla, but definitely not the forum. NetworkManager's error handling is extremely poor here. It gives that 'no valid VPN secrets' for many circumstances, but the most likely I suspect is that there is no "agent" registered to handle the authentication requests for VPN connections. I think GNOME shell is supposed to handle this... but often doesn't. Can you try running 'nm-applet' from a terminal, and then try connecting? Or if you're using KDE, make sure the kde-plasma-networkmanagement-openconnect package is installed. -- David Woodhouse Open Source Technology Centre David.Woodhouse at intel.com Intel Corporation -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 6171 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20120831/ed04bc30/attachment-0001.bin>
