From df5a50bc84e231142ee1a4d026bf98e4e0af0bbc Mon Sep 17 00:00:00 2001
From: Administrator <fulviogaleazzi@gmail.com>
Date: Thu, 16 Apr 2020 12:57:54 +0200
Subject: [PATCH] Update README.md

---
 README.md | 23 +++++++++++++++++------
 1 file changed, 17 insertions(+), 6 deletions(-)

diff --git a/README.md b/README.md
index 71aaee5..a5a2936 100644
--- a/README.md
+++ b/README.md
@@ -17,7 +17,7 @@ We also assume that:
    * *openvpn* has a public IP address (`1.2.3.4`) as well as a private address
      `10.9.8.8`
    * *authca* has only a private address `10.9.8.7`
-
+   * this package has been installed (`git clone`) under `/home/Ansible/`
 
 Step 0: repeat each time
 ------------------------
@@ -125,9 +125,9 @@ At this point, both servers are ready to process client certificates.
 Step 4: Client Configuration
 ----------------------------
 
-Repeat this step each time you need to issue a new client configuration file
-for OpenVPN (.ovpn file). The .ovpn file is self-contained, namely it includes
-all required files (ca.crt, dh.pem, ta.key).
+Repeat this step and the following one each time you need to issue a new client 
+configuration file for OpenVPN (.ovpn file). The .ovpn file is self-contained, 
+namely it includes all required files (ca.crt, dh.pem, ta.key).
 
 
 ### Step 4a: Update Ansible configuration
@@ -137,6 +137,8 @@ In the following example we are adding a stanza for a configuration for `misterX
    ```
    ...
    clientconfig:
+     ...
+     cfghome: /home/ubuntu/configuration-files
      ...
      clients:
      ...
@@ -146,8 +148,17 @@ In the following example we are adding a stanza for a configuration for `misterX
    ```
 
 Note that:
-*  `nameshort` should not contain blanks
-*  `CommonName` is enclosed in single and double quotes
+*  `cfghome` points to the directory where configuration files will be
+   accumulated
+*  under `clients:`
+   * the first line of each stanza is just the name of the stanza, has no particular meaning;
+   *  `nameshort` should not contain blanks. Note that this will also be the name 
+      of the resulting configuration file: choose it wisely so it's easy to 
+      distinguish this one from other configuration files you (or tour user) may
+      be using;
+   *  `CommonName` is enclosed in single and double quotes: this, too, has no
+      particular meaning as it will only be shown when querying the certificate
+      contained in the resulting configuration file.
 
 
 ### Step 4b: Generate client certificate
-- 
GitLab