Failed to import profile with Yubikey 5 for key storage
-
I am using a pfSense server as a VPN endpoint. The pfSense is the CA and issued the cert and key for the user account. If I import the config with certs and keys, everything works perfectly. Windows OpenVPN Connect v3.3.6 by the way.
I set up a Yubikey 5 NFC to store the cert/key pair exported from the pfSense user account. I successfully imported it onto the Yubikey under PIV.
I am able to see the token and authenticate with a pin as expected. It seems to show the cert as the first item on the key.
Everything looks right. I export the .ovpn and try to import it. Based on the OpenVPN Connect instructions (https://openvpn.net/vpn-server-resources/support-of-pkcs11-physical-tokens-for-openvpn-connect/), it should prompt me to locate the cert/key upon import. It does not. It just gives me this:
It looks like it's trying to find it on my local computer and never asks me where to look. Is there a setting somewhere or ovpn config line I am missing (that pfSense is failing to create). Redacted opvpn is below. Thanks for any help on this.
dev tun persist-tun persist-key data-ciphers AES-256-GCM:AES-128-GCM:AES-256-CBC data-ciphers-fallback AES-256-CBC auth SHA1 tls-client client resolv-retry infinite remote ********** 1194 udp4 setenv opt block-outside-dns lport 0 verify-x509-name "**********" name pkcs12 ********************.p12 tls-auth ********************-tls.key 1 remote-cert-tls server explicit-exit-notify