Looking at the source code for nm-openvpn-service.c, before this bug was introduced it doesn't appear that the crl-verify option was ever implemented or used, as it is not found within the code. The only lines that refer to crl-verify were introduced in Ubuntu 19.04, and consist of the following:
tmp = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_CRL_VERIFY_FILE); if (tmp) args_add_strv (args, "--crl-verify", tmp); else { tmp = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_CRL_VERIFY_DIR); if (tmp) args_add_strv (args, "--crl-verify", tmp, "dir"); } Frankly I do not know how or why "/var/lib/openvpn/chroot/" gets incorrectly prepended to the file path in the openvpn argument string, but the crl-verify option clearly doesn't work (or may never have worked after it was introduced). This needs fixing ASAP. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1835644 Title: CRL files are not accessible for the Verify CRL options To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/1835644/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs