./build-key-server server (name for files to generate. Provide server DNS name for Common Name, sign and commit) Create client certificates
Each client gets a unique certificate, that must be signed by this CA to be recognized by the server.
. vars
./build-key personname
(name for files to generate--make them unique, we usually use the person's name or a numbered system like client1, client2, etc. Use ./build-key-pass for passphrase-encrypted keys.) Configure OpenVPN Server-Routed
cd /etc/openvpn
Notes: The VPN will not work when you're already connected to your LAN. It should work via external networks.