VPNs use certificates and keys. We're going to spend some time building certificates and keys, so we should get clear on what they are.
Certificates and encryption are what make OpenVPN secure. Managing client certificates is a big part of managing any VPN server. I'm going to generate a server certificate and I'm going to generate many client certificates. It will be more than I think I'll need, but I'll go ahead and generate them all now, before I forget how. I'll use a tool called easy-rsa.