replaced /etc/openvpn/update-resolv-conf with the content above, file name left unchanged and proceeded as below.
No success.

BR, Aldo

%%%%%%%
Replace content of /etc/openvpn/update-resolv-conf with update-resolv-conf.sh content
Add to /etc/openvpn/evpn_myproxy.conf
script-security 2
up /etc/openvpn/update-resolv-conf.sh
down /etc/openvpn/update-resolv-conf.sh
down-pre
Issue:

systemctl stop openvpn

$ curl ifconfig.me; echo
84.155.221.241

systemctl enable openvpn@evpn_myproxy

$ curl ifconfig.me; echo
84.155.221.241
%%%%%%%

Hi,

Is the curl command ran after a reboot?

If so whats the output of:-

systemctl status openvpn@evpn_myproxy

Regards Tom.

correcting my last post:
lines in the configuration file didn’t look this way:

up /etc/openvpn/update-resolv-conf.sh
down /etc/openvpn/update-resolv-conf.sh
but this way:
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
Content has been teplaced.

nope, however here the status after reboot:
$ systemctl status openvpn@evpn_myproxy

• openvpn@evpn_myproxy.service - OpenVPN connection to evpn_myproxy
  Loaded: loaded (/lib/systemd/system/openvpn@.service; enabled; vendor preset: enabled)
  Active: activating (start) since Sat 2026-04-25 19:53:26 CEST; 121ms ago
  Docs: man:openvpn(8)
  https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
  https://community.openvpn.net/openvpn/wiki/HOWTO
  Main PID: 3219 (openvpn)
  Tasks: 1 (limit: 3660)
  Memory: 64.0K
  CGroup: /system.slice/system-openvpn.slice/openvpn@evpn_myproxy.service
  `-3219 [openvpn]

Apr 25 19:53:26 osmc systemd[1]: Starting OpenVPN connection to evpn_myproxy…
Apr 25 19:53:26 osmc ovpn-evpn_myproxy[3219]: Options error: --up script fails with ‘/etc/openvpn/update-resolv-conf’: Permission denied (errno=13)
Apr 25 19:53:26 osmc ovpn-evpn_myproxy[3219]: Options error: Please correct this error.
Apr 25 19:53:26 osmc ovpn-evpn_myproxy[3219]: Use --help for more information.
$

I had to change file permission for update-resolv-conf to 755.

Now enabling is working and starts at startup.

Appreciate it

BR, Aldo

Status now, before reboot:

$ systemctl status openvpn@evpn_myproxy

• openvpn@evpn_myproxy.service - OpenVPN connection to evpn_myproxy
  Loaded: loaded (/lib/systemd/system/openvpn@.service; enabled; vendor preset: enabled)
  Active: active (running) since Sat 2026-04-25 20:05:42 CEST; 3min 55s ago
  Docs: man:openvpn(8)
  https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
  https://community.openvpn.net/openvpn/wiki/HOWTO
  Main PID: 3735 (openvpn)
  Status: “Initialization Sequence Completed”
  Tasks: 1 (limit: 3660)
  Memory: 1.4M
  CGroup: /system.slice/system-openvpn.slice/openvpn@evpn_myproxy.service
  `-3735 /usr/sbin/openvpn --daemon ovpn-evpn_myproxy --status /run/openvpn/evpn_myproxy.status 10 --cd /etc/openvpn --config /etc/openvpn/evpn_myproxy.conf --writepid /run/openvpn/evpn_myproxy.pid

Apr 25 20:05:43 osmc ovpn-evpn_myproxy[3735]: net_addr_v4_add: 10.30.0.14/16 dev tun0
Apr 25 20:05:43 osmc ovpn-evpn_myproxy[3735]: /etc/openvpn/update-resolv-conf tun0 1500 1629 10.30.0.14 255.255.0.0 init
Apr 25 20:05:43 osmc openvpn[3738]: dhcp-option DNS 10.30.0.1
Apr 25 20:05:43 osmc openvpn[3750]: Error ethernet_xxxxxxxxxxxxx_cable: Method “SetProperty” with signature “sv” on interface “net.connman.Service” doesn’t exist
Apr 25 20:05:43 osmc openvpn[3738]: no domain pushed
Apr 25 20:05:45 osmc ovpn-evpn_myproxy[3735]: net_route_v4_add: 212.30.36.122/32 via 192.168.1.1 dev [NULL] table 0 metric -1
Apr 25 20:05:45 osmc ovpn-evpn_myproxy[3735]: net_route_v4_add: 0.0.0.0/1 via 10.30.0.1 dev [NULL] table 0 metric -1
Apr 25 20:05:45 osmc ovpn-evpn_myproxy[3735]: net_route_v4_add: 128.0.0.0/1 via 10.30.0.1 dev [NULL] table 0 metric -1
Apr 25 20:05:45 osmc ovpn-evpn_myproxy[3735]: WARNING: this configuration may cache passwords in memory – use the auth-nocache option to prevent this
Apr 25 20:05:45 osmc ovpn-evpn_myproxy[3735]: Initialization Sequence Completed
$

Status after reboot:

$ systemctl status openvpn@evpn_myproxy

• openvpn@evpn_myproxy.service - OpenVPN connection to evpn_myproxy
  Loaded: loaded (/lib/systemd/system/openvpn@.service; enabled; vendor preset: enabled)
  Active: active (running) since Sat 2026-04-25 20:14:04 CEST; 2min 40s ago
  Docs: man:openvpn(8)
  https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
  https://community.openvpn.net/openvpn/wiki/HOWTO
  Main PID: 2545 (openvpn)
  Status: “Initialization Sequence Completed”
  Tasks: 1 (limit: 3660)
  Memory: 3.2M
  CGroup: /system.slice/system-openvpn.slice/openvpn@evpn_myproxy.service
  `-2545 /usr/sbin/openvpn --daemon ovpn-evpn_myproxy --status /run/openvpn/evpn_myproxy.status 10 --cd /etc/openvpn --config /etc/openvpn/evpn_myproxy.conf --writepid /run/openvpn/evpn_myproxy.pid

Apr 25 20:14:15 osmc ovpn-evpn_myproxy[2545]: net_addr_v4_add: 10.30.0.37/16 dev tun0
Apr 25 20:14:15 osmc ovpn-evpn_myproxy[2545]: /etc/openvpn/update-resolv-conf tun0 1500 1629 10.30.0.37 255.255.0.0 init
Apr 25 20:14:15 osmc openvpn[3131]: dhcp-option DNS 10.30.0.1
Apr 25 20:14:15 osmc openvpn[3143]: Error ethernet_xxxxxxxxxxxxx_cable: Method “SetProperty” with signature “sv” on interface “net.connman.Service” doesn’t exist
Apr 25 20:14:15 osmc openvpn[3131]: no domain pushed
Apr 25 20:14:17 osmc ovpn-evpn_myproxy[2545]: net_route_v4_add: 212.30.36.122/32 via 192.168.1.1 dev [NULL] table 0 metric -1
Apr 25 20:14:17 osmc ovpn-evpn_myproxy[2545]: net_route_v4_add: 0.0.0.0/1 via 10.30.0.1 dev [NULL] table 0 metric -1
Apr 25 20:14:17 osmc ovpn-evpn_myproxy[2545]: net_route_v4_add: 128.0.0.0/1 via 10.30.0.1 dev [NULL] table 0 metric -1
Apr 25 20:14:17 osmc ovpn-evpn_myproxy[2545]: WARNING: this configuration may cache passwords in memory – use the auth-nocache option to prevent this
Apr 25 20:14:17 osmc ovpn-evpn_myproxy[2545]: Initialization Sequence Completed
$

Hi,

So now it working as expected?

Actually I see from the output of systemctl status openvpn@evpn_myproxy, there is an issue with the update-resolv-conf script. Its look like you’ve missed the step where you update the network interface.

Whats the output of:- sudo connmanctl services

Regards Tom.

Regards

     # connmanctl services
     *AO Wired                ethernet_94cc04600f9c_cable

Hi,

So in that script you need to replace:

connmanctl config ethernet_xxxxxxxxxxxxx_cable --nameservers $R

With:-

connmanctl config ethernet_94cc04600f9c_cable --nameservers $R

The issue:-

sudo systemctl restart openvpn@evpn_myproxy

Leave it about 30 seconds, then provide the output of:

systemctl status openvpn@evpn_myproxy

&

curl ifconfig.me; echo

Regards Tom.

line replaced, now the Error is gone. I didn’t restart the service though.
btw, can we remove the Warning lines?

tia, Aldo

Status after replacing the connmanctl line in update-resolv-conf:

$ connmanctl services
*AO Wired ethernet_94cc04600f9c_cable

sed -in ‘s/ethernet_xxxxxxxxxxxxx_cable/ethernet_94cc04600f9c_cable/’ /etc/openvpn/update-resolv-conf

$ systemctl status openvpn@evpn_myproxy

• openvpn@evpn_myproxy.service - OpenVPN connection to evpn_myproxy
  Loaded: loaded (/lib/systemd/system/openvpn@.service; enabled; vendor preset: enabled)
  Active: active (running) since Sat 2026-04-25 20:42:18 CEST; 1h 59min ago
  Docs: man:openvpn(8)
  https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
  https://community.openvpn.net/openvpn/wiki/HOWTO
  Main PID: 2543 (openvpn)
  Status: “Initialization Sequence Completed”
  Tasks: 1 (limit: 3660)
  Memory: 2.8M
  CGroup: /system.slice/system-openvpn.slice/openvpn@evpn_myproxy.service
  `-2543 /usr/sbin/openvpn --daemon ovpn-evpn_myproxy --status /run/openvpn/evpn_myproxy.status 10 --cd /etc/openvpn --config /etc/openvp

Apr 25 21:40:32 osmc ovpn-evpn_myproxy[2543]: Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 4096 bit RSA
Apr 25 22:38:40 osmc ovpn-evpn_myproxy[2543]: VERIFY OK: depth=1, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=ExpressVPN CA3, emailAddress=support
Apr 25 22:38:40 osmc ovpn-evpn_myproxy[2543]: VERIFY OK: nsCertType=SERVER
Apr 25 22:38:40 osmc ovpn-evpn_myproxy[2543]: VERIFY X509NAME OK: C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server-10786-3a, emailAddress=suppor
Apr 25 22:38:40 osmc ovpn-evpn_myproxy[2543]: VERIFY OK: depth=0, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server-10786-3a, emailAddress=suppor
Apr 25 22:38:40 osmc ovpn-evpn_myproxy[2543]: WARNING: ‘link-mtu’ is used inconsistently, local=‘link-mtu 1554’, remote=‘link-mtu 1606’
Apr 25 22:38:40 osmc ovpn-evpn_myproxy[2543]: WARNING: ‘auth’ is used inconsistently, local=‘auth [null-digest]’, remote=‘auth SHA512’
Apr 25 22:38:40 osmc ovpn-evpn_myproxy[2543]: Outgoing Data Channel: Cipher ‘AES-256-GCM’ initialized with 256 bit key
Apr 25 22:38:40 osmc ovpn-evpn_myproxy[2543]: Incoming Data Channel: Cipher ‘AES-256-GCM’ initialized with 256 bit key
Apr 25 22:38:40 osmc ovpn-evpn_myproxy[2543]: Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 4096 bit RSA
$ curl ifconfig.me; echo
2.57.170.84
$ arp dm.ateconsult.eu
dm.ateconsult.eu (84.155.221.241) – no entry

you need to restart the service for the changes to take affect.

restart break the vopn service.
start wouldn’t work either.

BR, Aldo

Upon reboot:

$ curl ifconfig.me; echo
84.155.221.119

systemctl enable openvpn@evpn_myproxy

$ systemctl status openvpn@evpn_myproxy

• openvpn@evpn_myproxy.service - OpenVPN connection to evpn_myproxy
  Loaded: loaded (/lib/systemd/system/openvpn@.service; enabled; vendor preset: enabled)
  Active: inactive (dead)
  Docs: man:openvpn(8)
  https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
  https://community.openvpn.net/openvpn/wiki/HOWTO

Apr 26 15:01:02 osmc systemd[1]: Stopping OpenVPN connection to evpn_myproxy…
Apr 26 15:01:02 osmc ovpn-evpn_myproxy[3321]: net_route_v4_del: 213.21.226.2/32 via 192.168.1.1 dev [NULL] table 0 metric -1
Apr 26 15:01:02 osmc ovpn-evpn_myproxy[3321]: net_route_v4_del: 0.0.0.0/1 via 10.15.0.1 dev [NULL] table 0 metric -1
Apr 26 15:01:02 osmc ovpn-evpn_myproxy[3321]: net_route_v4_del: 128.0.0.0/1 via 10.15.0.1 dev [NULL] table 0 metric -1
Apr 26 15:01:02 osmc ovpn-evpn_myproxy[3321]: Closing TUN/TAP interface
Apr 26 15:01:02 osmc ovpn-evpn_myproxy[3321]: net_addr_v4_del: 10.15.0.13 dev tun0
Apr 26 15:01:02 osmc ovpn-evpn_myproxy[3321]: /etc/openvpn/update-resolv-conf tun0 1500 1629 10.15.0.13 255.255.0.0 init
Apr 26 15:01:02 osmc ovpn-evpn_myproxy[3321]: SIGTERM[hard,] received, process exiting
Apr 26 15:01:02 osmc systemd[1]: openvpn@evpn_myproxy.service: Succeeded.
Apr 26 15:01:02 osmc systemd[1]: Stopped OpenVPN connection to evpn_myproxy.
$

Hi,

Please post the contents of update-resolv-conf

Regards Tom.

$ cat /etc/openvpn/update-resolv-conf

#!/usr/bin/env bash
#
# Parses DHCP options from openvpn to update resolv.conf
# To use set as 'up' and 'down' script in your openvpn *.conf:
# up /etc/openvpn/update-resolv-conf
# down /etc/openvpn/update-resolv-conf
#
# Used snippets of resolvconf script by Thomas Hood <jdthood@yahoo.co.uk>
# and Chris Hanson
# Licensed under the GNU GPL.  See /usr/share/common-licenses/GPL.
# 07/2013 colin@daedrum.net Fixed intet name
# 05/2006 chlauber@bnc.ch
#
# Example envs set from openvpn:
# foreign_option_1='dhcp-option DNS 193.43.27.132'
# foreign_option_2='dhcp-option DNS 193.43.27.133'
# foreign_option_3='dhcp-option DOMAIN be.bnc.ch'
# foreign_option_4='dhcp-option DOMAIN-SEARCH bnc.local'

## The 'type' builtins will look for file in $PATH variable, so we set the
## PATH below. You might need to directly set the path to 'resolvconf'
## manually if it still doesn't work, i.e.
## RESOLVCONF=/usr/sbin/resolvconf
export PATH=$PATH:/sbin:/usr/sbin:/bin:/usr/bin
#RESOLVCONF=$(type -p resolvconf)

case $script_type in

up)
cp -af /etc/resolv.conf /dev/shm/
  for optionname in ${!foreign_option_*} ; do
    option="${!optionname}"
    echo $option
    part1=$(echo "$option" | cut -d " " -f 1)
    if [ "$part1" == "dhcp-option" ] ; then
      part2=$(echo "$option" | cut -d " " -f 2)
      part3=$(echo "$option" | cut -d " " -f 3)
      if [ "$part2" == "DNS" ] ; then
        IF_DNS_NAMESERVERS="$IF_DNS_NAMESERVERS $part3"
      fi
      if [[ "$part2" == "DOMAIN" || "$part2" == "DOMAIN-SEARCH" ]] ; then
        IF_DNS_SEARCH="$IF_DNS_SEARCH $part3"
      fi
    fi
  done
  R=""
  S=""
  if [ "$IF_DNS_SEARCH" ]; then
    S="search "
    for DS in $IF_DNS_SEARCH ; do
      S="${R} $DS"
    done
  S="${S}"
  fi

  for NS in $IF_DNS_NAMESERVERS ; do
    R="${R}nameserver $NS"
  done
  if [ -z "$R" ];
  then
	echo "no dns server's pushed"
  else
  	connmanctl config ethernet_94cc04600f9c_cable --nameservers $R
  fi
    if [ -z "$S" ];                                               
  then                                                          
        echo "no domain pushed"                           
  else                                                                           
        echo $S >> /etc/resolv.conf           
  fi       
  ;;
down)
  mv /dev/shm/resolv.conf /etc/
  ;;
esac
exit 0

btw, is there a way leaving the simple text I post as it is.
I often see my text with fonts and formattinngs changed.
tia, Aldo

depends. In the case of the above I changed the format to make it readable.

Hi,

Can you openvpn manually with config file and provide the output so:-

openvpn /etc/openvpn/evpn_myproxy.conf

Regards Tom.

Preformatted textrestart break the vopn service.
start wouldn’t work either.

BR, Aldo

Upon reboot:

$ curl ifconfig.me; echo
84.155.221.119

systemctl enable openvpn@evpn_myproxy

$ systemctl status openvpn@evpn_myproxy

• openvpn@evpn_myproxy.service - OpenVPN connection to evpn_myproxy
  Loaded: loaded (/lib/systemd/system/openvpn@.service; enabled; vendor preset: enabled)
  Active: inactive (dead)
  Docs: man:openvpn(8)
  https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
  https://community.openvpn.net/openvpn/wiki/HOWTO

Apr 26 15:01:02 osmc systemd[1]: Stopping OpenVPN connection to evpn_myproxy…
Apr 26 15:01:02 osmc ovpn-evpn_myproxy[3321]: net_route_v4_del: 213.21.226.2/32 via 192.168.1.1 dev [NULL] table 0 metric -1
Apr 26 15:01:02 osmc ovpn-evpn_myproxy[3321]: net_route_v4_del: 0.0.0.0/1 via 10.15.0.1 dev [NULL] table 0 metric -1
Apr 26 15:01:02 osmc ovpn-evpn_myproxy[3321]: net_route_v4_del: 128.0.0.0/1 via 10.15.0.1 dev [NULL] table 0 metric -1
Apr 26 15:01:02 osmc ovpn-evpn_myproxy[3321]: Closing TUN/TAP interface
Apr 26 15:01:02 osmc ovpn-evpn_myproxy[3321]: net_addr_v4_del: 10.15.0.13 dev tun0
Apr 26 15:01:02 osmc ovpn-evpn_myproxy[3321]: /etc/openvpn/update-resolv-conf tun0 1500 1629 10.15.0.13 255.255.0.0 init
Apr 26 15:01:02 osmc ovpn-evpn_myproxy[3321]: SIGTERM[hard,] received, process exiting
Apr 26 15:01:02 osmc systemd[1]: openvpn@evpn_myproxy.service: Succeeded.
Apr 26 15:01:02 osmc systemd[1]: Stopped OpenVPN connection to evpn_myproxy.
$

I started with:

systemctl start openvpn@evpn_myproxy

Status:

$ systemctl status openvpn@evpn_myproxy

• openvpn@evpn_myproxy.service - OpenVPN connection to evpn_myproxy
  Loaded: loaded (/lib/systemd/system/openvpn@.service; enabled-runtime; vendor preset: enabled)
  Active: active (running) since Sun 2026-04-26 16:50:19 CEST; 13min ago
  Docs: man:openvpn(8)
  https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
  https://community.openvpn.net/openvpn/wiki/HOWTO
  Main PID: 3517 (openvpn)
  Status: “Initialization Sequence Completed”
  Tasks: 1 (limit: 3660)
  Memory: 1.4M
  CGroup: /system.slice/system-openvpn.slice/openvpn@evpn_myproxy.service
  `-3517 /usr/sbin/openvpn --daemon ovpn-evpn_myproxy --status /run/openvpn/evpn_myproxy.status 10 --cd /etc/openvpn --config /etc/openvpn/evpn_myproxy.conf --writepid /run/openvpn/evpn_myproxy.pid

Apr 26 16:53:42 osmc ovpn-evpn_myproxy[3517]: net_iface_up: set tun0 up
Apr 26 16:53:42 osmc ovpn-evpn_myproxy[3517]: net_addr_v4_add: 10.82.0.11/16 dev tun0
Apr 26 16:53:42 osmc ovpn-evpn_myproxy[3517]: /etc/openvpn/update-resolv-conf tun0 1500 1629 10.82.0.11 255.255.0.0 init
Apr 26 16:53:42 osmc openvpn[3557]: dhcp-option DNS 10.82.0.1
Apr 26 16:53:42 osmc openvpn[3557]: no domain pushed
Apr 26 16:53:44 osmc ovpn-evpn_myproxy[3517]: net_route_v4_add: 213.21.226.195/32 via 192.168.1.1 dev [NULL] table 0 metric -1
Apr 26 16:53:44 osmc ovpn-evpn_myproxy[3517]: net_route_v4_add: 0.0.0.0/1 via 10.82.0.1 dev [NULL] table 0 metric -1
Apr 26 16:53:44 osmc ovpn-evpn_myproxy[3517]: net_route_v4_add: 128.0.0.0/1 via 10.82.0.1 dev [NULL] table 0 metric -1
Apr 26 16:53:44 osmc ovpn-evpn_myproxy[3517]: WARNING: this configuration may cache passwords in memory – use the auth-nocache option to prevent this
Apr 26 16:53:44 osmc ovpn-evpn_myproxy[3517]: Initialization Sequence Completed
$

Hi,

Just tested this on my own vero5 and it works. But I did need a couple of additional steps since the script was lasted tested. We need to disable dnsproxy in connman. Please edit the following file:

/etc/osmc/prefs.d/connman

replace: dnsproxy=yes
with: dnsproxy=no

At this point either reboot or do the following:-

sudo systemctl restart connman
sudo systemctl stop openvpn@evpn_myproxy
sudo systemctl start openvpn@evpn_myproxy

Regards Tom.

systemctl start openvpn@evpn_myproxy ; systemctl stop openvpn@evpn_myproxy;
are working.
The DNS server is correctly set to the service one with start ,
and restored to the local one with stop.

Connectin on startup via Enable - Reboot will produce an Error:
Service server address cannot be found.
The correct DNS Address is written in /etc/resolv.conf though.
To regain control with Start / Stop I have to manually correct the DNS address to the local one.

It seems update-resolv-conf.sh is not feasable.

BR, Aldo

Hi,

It seems the shutdown sequence on osmc has changed since the script was last tested. So you are correct the down section of the script doesn’t work on a reboot or a shutdown. I’ve spent the evening rewriting the script to fix this and made some other improvements as well. But it does require one additional step to get it to work. Would you like to test it? If so you can review the script here first and then please follow these steps:-

# clean up the old script
sudo rm /etc/openvpn/connman-update-resolv # in your case this file may be /etc/openvpn/update-resolv-conf

# download new script and set permissions (you nolonger need to manually update ethernet_xxxxxxxxxxxxx_cable

cd /etc/openvpn
sudo wget https://raw.githubusercontent.com/tomdoyle87/bash-scripts/main/connman-update-resolv
sudo chmod u+x connman-update-resolv

# make sure your vpn configuration file contains
script-security 2                                               
up /etc/openvpn/connman-update-resolv 
down /etc/openvpn/connman-update-resolv

# Now with are going to use a systemd override to make sure dns is working when on startup (either from a shutdown or a reboot) issue the following command:-

sudo systemctl edit openvpn@evpn_myproxy

# Make sure the top section looks this and save changes:-

### Editing /etc/systemd/system/openvpn@vpn.service.d/override.conf
### Anything between here and the comment below will become the new contents of the file

[Service]
ExecStartPre=-/bin/cp /etc/resolv.conf.connman-backup /etc/resolv.conf

### Lines below this comment will be discarded

# Now make sure systemd can see the override by issuing:-

`sudo systemctl daemon-reload` 

# Now to test, make sure the vpn connection is up (sudo sudo systemctl start openvpn@evpn_myproxy) and reboot. Now when the osmc comes up the vpn should also be connected. 

If that all works there is one caveat though, if you ever change the dns servers the vero uses when not connected to vpn, either via MyOSMC or manually you need to remove /etc/resolv.conf.connman-backup so:-

sudo rm /etc/resolv.conf.connman-backup

Then restart the openvpn@ service (don’t reboot before this), so a /etc/resolv.conf.connman-backup can be generated.

Regards Tom.