Bug 1421499

Summary: tls-remote config fails with networkmanager-openvpn-1.2.6
Product: [Fedora] Fedora Reporter: Fabrice Bellet <fabrice>
Component: NetworkManager-openvpnAssignee: Lubomir Rintel <lkundrak>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 25CC: choeger, dcbw, huzaifas, lkundrak, psimerda, steve, thaller
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-02-13 08:58:38 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Fabrice Bellet 2017-02-12 19:02:14 UTC 
With this new version, it seems that the legacy option to check the x509 certificate subject (tls-remote) is no longer accepted :

Feb 12 19:29:46 bonobo.bellet.info NetworkManager[1051]: Options error: Unrecognized option or missing or extra parameter(s) in [CMD-LINE]:1: tls-remote (2.4.0)
Feb 12 19:29:46 bonobo.bellet.info NetworkManager[1051]: Use --help for more information.
Feb 12 19:29:46 bonobo.bellet.info NetworkManager[1051]: <warn>  [1486924186.6513] vpn-connection[0x560946b30100,ba9c7938-bd0e-4e3d-b971-5a605ee5811d,"VPN xxx 1194/udp",0]: VPN plugin: failed: connect-failed (1)
Feb 12 19:29:46 bonobo.bellet.info NetworkManager[1051]: <warn>  [1486924186.6513] vpn-connection[0x560946b30100,ba9c7938-bd0e-4e3d-b971-5a605ee5811d,"VPN xxx 1194/udp",0]: VPN plugin: failed: connect-failed (1)

Switching to other options to verify the CN works fine of course, but I think breaking the existing tls-remote option was not the desired behaviour.
Comment 1 Thomas Haller 2017-02-12 21:36:31 UTC 
I assume you are running openvpn version 2.4?

Probably a dupe of bug 1421241.
Comment 2 Thomas Haller 2017-02-13 08:58:38 UTC 

*** This bug has been marked as a duplicate of bug 1421241 ***