Description of problem: OpenVPN since version 2.3 have supported --extra-certs, but the OpenVPN NetworkManager plug-in does not understand this option. This option points to a file or can be an embedded file a configuration file. From the man page: --extra-certs file Specify a file containing one or more PEM certs (concatenated together) that complete the local certificate chain. This option is useful for "split" CAs, where the CA for server certs is dif‐ ferent than the CA for client certs. Putting certs in this file allows them to be used to complete the local certificate chain without trusting them to verify the peer-submitted certificate, as would be the case if the certs were placed in the ca file. One known VPN service provider actively using this feature is Private Tunnel ( https://www.privatetunnel.com/ )
Feature added upstream: https://gitlab.gnome.org/GNOME/network-manager-openvpn/commit/3c8d06797dcfdd0111fa228f90741712495180b8 which is present in 1.8.2 or newer. EPEL is still at 1.2.6
EPEL 7 entered end-of-life (EOL) status on 2024-06-30.\n\nEPEL 7 is no longer maintained, which means that it\nwill not receive any further security or bug fix updates.\n As a result we are closing this bug.