Fedora with selinux enabled running OpenVPN using NetworkManager

On a Fedora or CentOS system with enables selinux you need to store your certificate and configuration in /etc/openvpn to avoid selinux is blocking the access of NetworkManager to this files. There is a way of setting some sebooleans to allow selinux to read them from user home directories but for me it didn’t work and I did not investigate. I moved all files on that machine to /etc/openvpn and modified the NetworkManager configuration. Everything works like a charm now. And it is quite more comfortable to configure all the details like if you wish to route all your traffic through that vpn connection or not.

One thought on “Fedora with selinux enabled running OpenVPN using NetworkManager

  1. Povl Falk-Jensen

    Thanks for your post.
    In Fedora 23 I placed ca.crt in ~/.pki or ~/.cert and ran sudo restorecon -R -v ~/.pki ~/.cert.
    After upgrading to Fedora 24, I couldn’t make it work (execpt with SELinux disabled)
    I followed your advise and placed ca.crt in /etc/openvpn and now it’s working.
    Thanks again 🙂

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *