Mitigation, can use the "tls-remote" property, set on the UI via "Advanced -> TLS Authentication -> Subject match" to the X509 name on the server's local certificate used for TLS authentication.
e.g. "/C=NA/ST=None/L=None/O=Mullvad/CN=m3.mullvad.net/emailAddress=i...@mullvad.net" To get this value, 1. export the VPN config (after adding a dummy value in above field) 2. edit file generated to remove the user and group lines and add a line "verb 3" 3. run from command line openvpn --config <filename> 4. From the output pick out the expected value (example above) where it shows an error Limitation: If your VPN service has mutiple servers (resolved via DNS) this will only work for one of them at a time. Shreepad -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/593087 Title: missing remote-cert-tls server on client To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/593087/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs