Creating an OpenVPN connection from a malformed (?) file completely broken


I’m trying to create a VPN connection from a set of files created by IPFire. There are two files: .p12 and .ovpn

The .ovpn file includes a line that openvpn apparently doesn’t like: pkcs12 filename.p12. Fair enough, perhaps IPFire follows an older standard or something. But the error message that appears is something else.

The error message says the VPN connection can’t be imported, so far so good, but then says (I’m translating from another language so the message in English may be different) the key file includes the line “tls-client” which is not a key-value pair, a group or a comment. In other words, the error message is completely useless, because there’s nothing wrong with the “tls-client” line, it’s the “pkcs12” line that’s the problem.

What’s worse, the only button on the error message is OK and it does nothing. After a while, the Gnome “Settings is not responding” box comes out and the only thing that can be done is forcing the whole gnome settings window to close.

A bug, perhaps? Thanks for any input.

The config file (.ovpn) is likely different between ipfire and openvpn.
Have you tried moving that file as a backup then creating a completely new connection?
It seems likely that the filename.p12 file may be the issue.

If I change the line pkcs12 filename.p12 to ca filename.p12 the connection gets created. Gnome settings doesn’t even get to parse the .p12 file, it hangs on the .ovpn file.

You may wish to ask your question by posting it in IPFire’s sub-forum?

Hmmm, do you think Gnome settings crashing from parsing a simple text file is on the IPFire guys?

In any case, the bug has been reported to Gnome by someone else a while ago already: Hang after failing to import VPN config file (#2068) · Issues · GNOME / Settings · GitLab

I personally don’t use GNOME (I detest its bloatware.)

But I have friends who use Fedora 37 with GNOME and they have no problems using it for OpenVPN config files such as *.ovpn and *.conf.

your headline says it all…

Creating an OpenVPN connection from a malformed (?) file completely broken

What do you expect? A malformed file to import properly and some AI in the background fixing your malformed .ovpn file?

I have regularly imported .ovpn files in Gnome in the past, and that is something that has worked consistently in the past.

So, fix your file and try again, or just insert the information manually.

I’m expecting the whole gnome settings window not to hang from parsing a text file?

And it’s not a given the .ovpn file is malformed, hence the question mark in the title.

Edit: actually, it’s probably not hanging from reading the .ovpn file. It’s hanging from displaying its own error message, which contains useless info to boot.

you stated that the .ovpn file was parsed.

You already posted the change that solved the connection so it proved the text .ovpn file was corrupted as stated in the thread title.

When config files are corrupt the results are caused by the corruption and what we want or expect are not what happens. Why would you expect a corrupt config file to not cause problems… In your case it seems it locked things up so you had to do a forced recovery.

After all, config files are mostly text files, so don’t be flabergasted that a text config file corruption can cause a hang (otherwise known as a freeze).