- Extract any cert files from the OVPN file you received, and save them as separate files in a directory intended for said purpose.
- The next three commands require sudo / root user...
- semanage fcontext -a -t home_cert_t (path to certificate file) for each cert.
- restorecon -Rv (path of certs/*) to load the new security contexts.
- yum remove avahi if you use a ".local" or other non-standard domain name internally. A safer option is to use systemctl disable avahi-daemon.socket avahi-daemon.service in case you need to flip it back on later.
- Import the OVPN file to the Network Manager, and configure to use the cert files + login username + password ("password w/certificates" option).
Thursday, January 14, 2016
OpenVPN access on Fedora / CentOS / RHEL
SELinux and Avahi conspire to make one's use of OpenVPN on a Redhat-based Linux to be rather unpleasant. Here's how you can go about resolving that.