Using PKCS#12 file requires password for private key

Same problem here, exported a openvpn configuration from pfSense without a password, but I can't import the configuration in the network manager because of this.

Ubuntu 11.10 (Gnome)
Using a pkcs#12 file from pfsense I entered a couple of random characters in the box (though the key file or server didn't require it) and I could save & connect fine.

Ubuntu 11.10 (XFCE)
Same as above but the gui prompts for the password when trying to connect to the vpn.

Same thing on ubuntu 13.04, also from pfsense

Xubuntu 12.04, also created using pfSense without password on private key. Unable to leave password field empty and save settings. Also does not work when entering characters into the field.

Also on Xubuntu 12.04 and can confirm does not allow to connect unless private key password field is populated. Entering irrelevant characters does not work.

Ubuntu 13.10, still present. Approaching 3rd year, not a single f*ck has been given.

Xubuntu 14.04, now this causes a segfault instead of just preventing you to continue. Doesn't matter if you imporant a .ovpn file or manualy import the keys.

Apr 21 11:20:23 zmpeg-xps kernel: [ 110.930821] nm-connection-e[2433]: segfault at 14a77e0 ip 00000000014a77e0 sp 00007fff2e3f2e18 error 15

Segfault confirmed, you can no longer import openvpn configs in 14.04

No segfault here on 14.04 (pfSense 2.1.4 with the OpenVPN Export Plugin), but exporting the config+certs ('Archive') from pfSense, you can't save the imported profile in network manager without entering a password for the pkcs12 file (which when exported from pfSense, doesn't have one!)

I've been able to get round this by exporting the user's Public + Private Keys, and the CA Cert individually from pfSense then selecting them individually in the network manager interface. Bit of a P.I.T.A though :(

still true for xenial.

Comrades, it is not a bug. If you are using pfsense you should define p12 password in Certificate Export Options. Just pick "Password Protect Certificate" and type password which you would like, save and reexport.

The solution sugested by connstance does not resolve the problem. In my case I am trying to access my customer VPN and I cannot password protect the certificate. In pfSense this is a global option, and if they change this they need to change all users vpn.

Confirm this too. Even on 17.04 the problem still exists.
I have no password on p12 certificate, but network-manager openvpn plugin still requires it.
Yes, the trick with random characters works, but this is dumb.

Confirm the same problem on 16.04 LTS
The random characters do not work for me.
It's a customer's VPN so I cannot insist on changes being make to fit me. The configuration works fine when using he command line "openvpn --config xxxx.ovpn", but I would prefer to use Network Manager for the simplicity of it.

Issue continues as of 18.10

I can enter a random character to get past it, but that wasn't intuitive.

There is a work around for this, but it isn't as simple as it should be. I can confirm that in 18.04.2 LTS that you can't import the p12 cert into it. However if you manually extract out the crt, key and ca from the p12 file, you can select them manually for an openvpn for each file, and that does work. I used the following commands to do it, and this was successful on 18.04.2

Private Key
openssl pkcs12 -in client.p12 -nocerts -nodes | sed -ne '/-BEGIN PRIVATE KEY-/,/-END PRIVATE KEY-/p' > client.key

Public Certificate
openssl pkcs12 -in client.p12 -clcerts -nokeys | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > client.cer

CA Certificate
openssl pkcs12 -in client.p12 -cacerts -nokeys -chain | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > client-ca.cer

Just replace the "client" part of the lines above with your file. It is a pain that you have to do this, but it does work.