In 22.04 LTS, nm-applet no longer recognizes .opvn (OpenVPN) config files

I use a VPN provider (Privado) who supplies OpenVPN profile files for various locations, example:

dev tun
#dev-node "PrivadoVPN (OpenVPN)"
proto udp
remote 1194
resolv-retry infinite

verify-x509-name name


route-ipv6 ::/0
route vpn_gateway
remote-cert-tls server
verb 3
auth SHA256
data-ciphers AES-256-CBC
data-ciphers-fallback AES-256-CBC
route-delay 3

... certificate text snipped ...

In previous Ubuntus and MX, I could click on Network Manager, select VPN Connections -> Configure VPN -> Import a saved VPN configuration, then navigate to and select a .ovpn file and it would read in the file, prompt me for my VPN username and password, then add the VPN to the VPN Connections list. Then each VPN server would show up in a popup list under "VPN Connections ->" under the network applet.

22.04 won't take any of my .ovpn files, says:


Apparently it chokes on the first line "client" in the file, expects comma-separated pairs on every line.

I can run "openvpn --config file.ovpn" from the command line, but would rather run it from network manager as it is more seamless.

I added the packages openvpn

What's going on, does something else need to be configured? Again --- this has worked in ubuntu from 18 to the 21.xx that I'm currently running.

Hi, @em_space .

I don't have experience with setting up OpenVPN connections in "NetworkManager", but I've ran some web searches on variations of the error message that appears in the screenshot that you've included in your post:

Could not create new connection
The VPN plugin failed to import the VPN connection correctly: Key file contains line "client" which is not a key-value pair, group, or comment

[ "Close" button ]

The best suggestion that I've found (so far) seems to be the following one, contained in an answer written by user "thaller" in the "Unix & Linux Stack Exchange", on 30th January 2019, available at

"(...) The error message is misleading, as it does not come from the openvpn plugin, but some other VPN plugin. As all plugins fail to import the file, the program does not know which is the best failure message. Try   nmcli connection import type openvpn file "$FILENAME"  to get a better message. (...)"

Naturally, that NetworkManager CLI command ("nmcli connection import type openvpn file "$FILENAME"") should be run in the command line / terminal window, and $FILENAME should be replaced by the name of the actual .ovpn configuration file.

I hope that helps you, in some way :slight_smile:


Apparently, the code that parses a .ovpn file from the NetworkManager GUI has not kept up with the .ovpn file format. nmcli almost works - it doesn't like the "vpn_gateway in the line route vpn_gateway but works when "vpn_gateway" is missing.

So I wrote a bash script to:

  • accept a list of .ovpn files
  • for each one:
    edit the file with sed and comment out the "#vpn_gateway" in the "route..." line
    call nmcli to create a network connection from the file
    call nmcli again to add "username=myvpnname" to the connection

This is actually more convenient since I can just add all of the connections I want at once.

I still need a way to add my vpn password to the login keyring the way NetworkManager does in the properties, can anyone help with that?