OpenVPN version 2.3.2: using new easyrsa mechanism for multiple users

1. Server setup
1. ./easyrsa init-pki
1. don't do this twice!
2. ./easyrsa build-ca
2. User key and cert signing request on complete separate machine
1. ./easyrsa init-pki
1. don't do this twice!
2. ./easyrsa gen-req myuser
3. Server signs user cert req
1. ./easyrsa import-req myuser.req myuser
2. ./easyrsa sign-req client myuser

Generate your server key and cert in a similar manner to a user.

Any client with a signed cert may connect to the server. There is no record of the client cert on the server itself; since the server signed the user cert, that is authority enough to validate the user cert.

Only if a user cert needs to be revoked, is a "revocation file" created on the server; this revocation file disallows that user from connecting. If no users need to be revoked, nothing needs to be done, nothing needs to exist about users on the server-side.

https://community.openvpn.net/openvpn/wiki/EasyRSA3-OpenVPN-Howto

Exclude domains in your google search results

1.  Put '-' in front of 'site:' operator
1. e.g.
1. Try: how to learn tibco -site:tibco.com -site:tibcommunity.com
2. searches for materials on "how to learn tibco" while ignoring all Tibco's noise

FYI: It seems there is a copyright, so searching for "SOA" instead might lead to more books with desired material covered.