From 52e51a5cebaf5085f020df21cd12841e8eeb3ab0 Mon Sep 17 00:00:00 2001
From: Christoph <ckubu@oopen.de>
Date: Sun, 1 Jul 2018 17:01:25 +0200
Subject: [PATCH] Update ANW-URB openvpn

---
 .../ccd/server-gw-ckubu/ANW-URB-VPN-gw-ckubu  |   6 -
 .../ccd/server-home/ANW-Urban-VPN-chris       |   4 -
 .../ccd/server-home/ANW-Urban-VPN-undine      |   2 -
 ANW-URB/openvpn/easy-rsa/1.0/README.gz        | Bin 2612 -> 0 bytes
 ANW-URB/openvpn/easy-rsa/1.0/build-ca         |  13 -
 ANW-URB/openvpn/easy-rsa/1.0/build-dh         |  12 -
 ANW-URB/openvpn/easy-rsa/1.0/build-inter      |  19 -
 ANW-URB/openvpn/easy-rsa/1.0/build-key        |  20 -
 ANW-URB/openvpn/easy-rsa/1.0/build-key-pass   |  20 -
 ANW-URB/openvpn/easy-rsa/1.0/build-key-pkcs12 |  21 -
 ANW-URB/openvpn/easy-rsa/1.0/build-key-server |  22 -
 ANW-URB/openvpn/easy-rsa/1.0/build-req        |  18 -
 ANW-URB/openvpn/easy-rsa/1.0/build-req-pass   |  18 -
 ANW-URB/openvpn/easy-rsa/1.0/clean-all        |  19 -
 ANW-URB/openvpn/easy-rsa/1.0/list-crl         |  18 -
 ANW-URB/openvpn/easy-rsa/1.0/make-crl         |  18 -
 ANW-URB/openvpn/easy-rsa/1.0/openssl.cnf      | 255 ------------
 ANW-URB/openvpn/easy-rsa/1.0/revoke-crt       |  18 -
 ANW-URB/openvpn/easy-rsa/1.0/revoke-full      |  29 --
 ANW-URB/openvpn/easy-rsa/1.0/sign-req         |  18 -
 ANW-URB/openvpn/easy-rsa/1.0/vars             |  49 ---
 ANW-URB/openvpn/easy-rsa/2.0/Makefile         |  13 -
 ANW-URB/openvpn/easy-rsa/2.0/README.gz        | Bin 3757 -> 0 bytes
 ANW-URB/openvpn/easy-rsa/2.0/build-ca         |   8 -
 ANW-URB/openvpn/easy-rsa/2.0/build-dh         |  11 -
 ANW-URB/openvpn/easy-rsa/2.0/build-inter      |   7 -
 ANW-URB/openvpn/easy-rsa/2.0/build-key        |   7 -
 ANW-URB/openvpn/easy-rsa/2.0/build-key-pass   |   7 -
 ANW-URB/openvpn/easy-rsa/2.0/build-key-pkcs12 |   8 -
 ANW-URB/openvpn/easy-rsa/2.0/build-key-server |  10 -
 ANW-URB/openvpn/easy-rsa/2.0/build-req        |   7 -
 ANW-URB/openvpn/easy-rsa/2.0/build-req-pass   |   7 -
 ANW-URB/openvpn/easy-rsa/2.0/clean-all        |  16 -
 ANW-URB/openvpn/easy-rsa/2.0/inherit-inter    |  39 --
 ANW-URB/openvpn/easy-rsa/2.0/keys/01.pem      |  76 ----
 ANW-URB/openvpn/easy-rsa/2.0/keys/02.pem      |  76 ----
 ANW-URB/openvpn/easy-rsa/2.0/keys/03.pem      |  74 ----
 .../openvpn/easy-rsa/2.0/keys/alix.site.crt   |  76 ----
 .../openvpn/easy-rsa/2.0/keys/alix.site.csr   |  13 -
 .../openvpn/easy-rsa/2.0/keys/alix.site.key   |  15 -
 ANW-URB/openvpn/easy-rsa/2.0/keys/ca.crt      |  24 --
 ANW-URB/openvpn/easy-rsa/2.0/keys/ca.key      |  15 -
 .../easy-rsa/2.0/keys/crl-test.site.crt       |  76 ----
 .../easy-rsa/2.0/keys/crl-test.site.csr       |  12 -
 .../easy-rsa/2.0/keys/crl-test.site.key       |  15 -
 ANW-URB/openvpn/easy-rsa/2.0/keys/crl.pem     |  11 -
 ANW-URB/openvpn/easy-rsa/2.0/keys/dh1024.pem  |   5 -
 ANW-URB/openvpn/easy-rsa/2.0/keys/index.txt   |   3 -
 .../openvpn/easy-rsa/2.0/keys/index.txt.attr  |   1 -
 .../easy-rsa/2.0/keys/index.txt.attr.old      |   1 -
 .../openvpn/easy-rsa/2.0/keys/index.txt.old   |   2 -
 .../openvpn/easy-rsa/2.0/keys/revoke-test.pem |  35 --
 ANW-URB/openvpn/easy-rsa/2.0/keys/serial      |   1 -
 ANW-URB/openvpn/easy-rsa/2.0/keys/serial.old  |   1 -
 .../openvpn/easy-rsa/2.0/keys/vpn01.site.crt  |  74 ----
 .../openvpn/easy-rsa/2.0/keys/vpn01.site.csr  |  13 -
 .../openvpn/easy-rsa/2.0/keys/vpn01.site.key  |  15 -
 ANW-URB/openvpn/easy-rsa/2.0/list-crl         |  13 -
 .../openvpn/easy-rsa/2.0/openssl-0.9.6.cnf    | 265 ------------
 .../openvpn/easy-rsa/2.0/openssl-0.9.8.cnf    | 290 --------------
 .../openvpn/easy-rsa/2.0/openssl-1.0.0.cnf    | 285 -------------
 .../easy-rsa/2.0/openssl-1.0.0.cnf-old-copy   | 285 -------------
 ANW-URB/openvpn/easy-rsa/2.0/openssl.cnf      | 285 -------------
 ANW-URB/openvpn/easy-rsa/2.0/pkitool          | 379 ------------------
 ANW-URB/openvpn/easy-rsa/2.0/revoke-full      |  40 --
 ANW-URB/openvpn/easy-rsa/2.0/sign-req         |   7 -
 ANW-URB/openvpn/easy-rsa/2.0/tmp/README.gz    | Bin 3757 -> 0 bytes
 ANW-URB/openvpn/easy-rsa/2.0/tmp/build-ca     |   8 -
 ANW-URB/openvpn/easy-rsa/2.0/tmp/build-dh     |  11 -
 ANW-URB/openvpn/easy-rsa/2.0/tmp/build-inter  |   7 -
 ANW-URB/openvpn/easy-rsa/2.0/tmp/build-key    |   7 -
 .../openvpn/easy-rsa/2.0/tmp/build-key-pass   |   7 -
 .../openvpn/easy-rsa/2.0/tmp/build-key-pkcs12 |   8 -
 .../openvpn/easy-rsa/2.0/tmp/build-key-server |  10 -
 ANW-URB/openvpn/easy-rsa/2.0/tmp/build-req    |   7 -
 .../openvpn/easy-rsa/2.0/tmp/build-req-pass   |   7 -
 ANW-URB/openvpn/easy-rsa/2.0/tmp/clean-all    |  16 -
 ANW-URB/openvpn/easy-rsa/2.0/tmp/file         |   1 -
 .../openvpn/easy-rsa/2.0/tmp/inherit-inter    |  39 --
 ANW-URB/openvpn/easy-rsa/2.0/tmp/list-crl     |  13 -
 .../easy-rsa/2.0/tmp/openssl-0.9.6.cnf        | 265 ------------
 .../easy-rsa/2.0/tmp/openssl-1.0.0.cnf        | 285 -------------
 ANW-URB/openvpn/easy-rsa/2.0/tmp/pkitool      | 379 ------------------
 ANW-URB/openvpn/easy-rsa/2.0/tmp/revoke-full  |  40 --
 ANW-URB/openvpn/easy-rsa/2.0/tmp/sign-req     |   7 -
 ANW-URB/openvpn/easy-rsa/2.0/tmp/vars         |  74 ----
 .../openvpn/easy-rsa/2.0/tmp/whichopensslcnf  |  23 --
 ANW-URB/openvpn/easy-rsa/2.0/vars             |  86 ----
 ANW-URB/openvpn/easy-rsa/2.0/whichopensslcnf  |  26 --
 ANW-URB/openvpn/ipaddresses.txt               |   7 -
 ANW-URB/openvpn/ipp.txt                       |   0
 ANW-URB/openvpn/keys/01.pem                   |  70 ----
 ANW-URB/openvpn/keys/02.pem                   |  67 ----
 ANW-URB/openvpn/keys/03.pem                   |  67 ----
 ANW-URB/openvpn/keys/04.pem                   |  73 ----
 ANW-URB/openvpn/keys/ca.crt                   |  22 -
 ANW-URB/openvpn/keys/ca.key                   |  15 -
 ANW-URB/openvpn/keys/chris.crt                |  67 ----
 ANW-URB/openvpn/keys/chris.csr                |  12 -
 ANW-URB/openvpn/keys/chris.key                |  18 -
 ANW-URB/openvpn/keys/dh1024.pem               |   5 -
 ANW-URB/openvpn/keys/gw-ckubu.crt             |  73 ----
 ANW-URB/openvpn/keys/gw-ckubu.csr             |  13 -
 ANW-URB/openvpn/keys/gw-ckubu.key             |  17 -
 ANW-URB/openvpn/keys/index.txt                |   4 -
 ANW-URB/openvpn/keys/index.txt.attr           |   1 -
 ANW-URB/openvpn/keys/index.txt.attr.old       |   1 -
 ANW-URB/openvpn/keys/index.txt.old            |   3 -
 ANW-URB/openvpn/keys/serial                   |   1 -
 ANW-URB/openvpn/keys/serial.old               |   1 -
 ANW-URB/openvpn/keys/server.crt               |  70 ----
 ANW-URB/openvpn/keys/server.csr               |  12 -
 ANW-URB/openvpn/keys/server.key               |  15 -
 ANW-URB/openvpn/keys/ta.key                   |  21 -
 ANW-URB/openvpn/keys/undine.crt               |  67 ----
 ANW-URB/openvpn/keys/undine.csr               |  12 -
 ANW-URB/openvpn/keys/undine.key               |  18 -
 ANW-URB/openvpn/server-home.conf              | 302 --------------
 ANW-URB/openvpn/server.conf.20130918          | 294 --------------
 119 files changed, 5896 deletions(-)
 delete mode 100644 ANW-URB/openvpn/ccd/server-gw-ckubu/ANW-URB-VPN-gw-ckubu
 delete mode 100644 ANW-URB/openvpn/ccd/server-home/ANW-Urban-VPN-chris
 delete mode 100644 ANW-URB/openvpn/ccd/server-home/ANW-Urban-VPN-undine
 delete mode 100644 ANW-URB/openvpn/easy-rsa/1.0/README.gz
 delete mode 100755 ANW-URB/openvpn/easy-rsa/1.0/build-ca
 delete mode 100755 ANW-URB/openvpn/easy-rsa/1.0/build-dh
 delete mode 100755 ANW-URB/openvpn/easy-rsa/1.0/build-inter
 delete mode 100755 ANW-URB/openvpn/easy-rsa/1.0/build-key
 delete mode 100755 ANW-URB/openvpn/easy-rsa/1.0/build-key-pass
 delete mode 100755 ANW-URB/openvpn/easy-rsa/1.0/build-key-pkcs12
 delete mode 100755 ANW-URB/openvpn/easy-rsa/1.0/build-key-server
 delete mode 100755 ANW-URB/openvpn/easy-rsa/1.0/build-req
 delete mode 100755 ANW-URB/openvpn/easy-rsa/1.0/build-req-pass
 delete mode 100755 ANW-URB/openvpn/easy-rsa/1.0/clean-all
 delete mode 100644 ANW-URB/openvpn/easy-rsa/1.0/list-crl
 delete mode 100644 ANW-URB/openvpn/easy-rsa/1.0/make-crl
 delete mode 100644 ANW-URB/openvpn/easy-rsa/1.0/openssl.cnf
 delete mode 100644 ANW-URB/openvpn/easy-rsa/1.0/revoke-crt
 delete mode 100755 ANW-URB/openvpn/easy-rsa/1.0/revoke-full
 delete mode 100755 ANW-URB/openvpn/easy-rsa/1.0/sign-req
 delete mode 100644 ANW-URB/openvpn/easy-rsa/1.0/vars
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/Makefile
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/README.gz
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/build-ca
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/build-dh
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/build-inter
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/build-key
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/build-key-pass
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/build-key-pkcs12
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/build-key-server
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/build-req
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/build-req-pass
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/clean-all
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/inherit-inter
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/01.pem
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/02.pem
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/03.pem
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/alix.site.crt
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/alix.site.csr
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/alix.site.key
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/ca.crt
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/ca.key
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/crl-test.site.crt
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/crl-test.site.csr
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/crl-test.site.key
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/crl.pem
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/dh1024.pem
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/index.txt
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/index.txt.attr
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/index.txt.attr.old
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/index.txt.old
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/revoke-test.pem
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/serial
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/serial.old
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/vpn01.site.crt
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/vpn01.site.csr
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/keys/vpn01.site.key
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/list-crl
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/openssl-0.9.6.cnf
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/openssl-0.9.8.cnf
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/openssl-1.0.0.cnf
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/openssl-1.0.0.cnf-old-copy
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/openssl.cnf
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/pkitool
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/revoke-full
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/sign-req
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/tmp/README.gz
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/tmp/build-ca
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/tmp/build-dh
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/tmp/build-inter
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/tmp/build-key
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/tmp/build-key-pass
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/tmp/build-key-pkcs12
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/tmp/build-key-server
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/tmp/build-req
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/tmp/build-req-pass
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/tmp/clean-all
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/tmp/file
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/tmp/inherit-inter
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/tmp/list-crl
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/tmp/openssl-0.9.6.cnf
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/tmp/openssl-1.0.0.cnf
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/tmp/pkitool
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/tmp/revoke-full
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/tmp/sign-req
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/tmp/vars
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/tmp/whichopensslcnf
 delete mode 100644 ANW-URB/openvpn/easy-rsa/2.0/vars
 delete mode 100755 ANW-URB/openvpn/easy-rsa/2.0/whichopensslcnf
 delete mode 100644 ANW-URB/openvpn/ipaddresses.txt
 delete mode 100644 ANW-URB/openvpn/ipp.txt
 delete mode 100644 ANW-URB/openvpn/keys/01.pem
 delete mode 100644 ANW-URB/openvpn/keys/02.pem
 delete mode 100644 ANW-URB/openvpn/keys/03.pem
 delete mode 100644 ANW-URB/openvpn/keys/04.pem
 delete mode 100644 ANW-URB/openvpn/keys/ca.crt
 delete mode 100644 ANW-URB/openvpn/keys/ca.key
 delete mode 100644 ANW-URB/openvpn/keys/chris.crt
 delete mode 100644 ANW-URB/openvpn/keys/chris.csr
 delete mode 100644 ANW-URB/openvpn/keys/chris.key
 delete mode 100644 ANW-URB/openvpn/keys/dh1024.pem
 delete mode 100644 ANW-URB/openvpn/keys/gw-ckubu.crt
 delete mode 100644 ANW-URB/openvpn/keys/gw-ckubu.csr
 delete mode 100644 ANW-URB/openvpn/keys/gw-ckubu.key
 delete mode 100644 ANW-URB/openvpn/keys/index.txt
 delete mode 100644 ANW-URB/openvpn/keys/index.txt.attr
 delete mode 100644 ANW-URB/openvpn/keys/index.txt.attr.old
 delete mode 100644 ANW-URB/openvpn/keys/index.txt.old
 delete mode 100644 ANW-URB/openvpn/keys/serial
 delete mode 100644 ANW-URB/openvpn/keys/serial.old
 delete mode 100644 ANW-URB/openvpn/keys/server.crt
 delete mode 100644 ANW-URB/openvpn/keys/server.csr
 delete mode 100644 ANW-URB/openvpn/keys/server.key
 delete mode 100644 ANW-URB/openvpn/keys/ta.key
 delete mode 100644 ANW-URB/openvpn/keys/undine.crt
 delete mode 100644 ANW-URB/openvpn/keys/undine.csr
 delete mode 100644 ANW-URB/openvpn/keys/undine.key
 delete mode 100644 ANW-URB/openvpn/server-home.conf
 delete mode 100644 ANW-URB/openvpn/server.conf.20130918

diff --git a/ANW-URB/openvpn/ccd/server-gw-ckubu/ANW-URB-VPN-gw-ckubu b/ANW-URB/openvpn/ccd/server-gw-ckubu/ANW-URB-VPN-gw-ckubu
deleted file mode 100644
index d5bf6f6..0000000
--- a/ANW-URB/openvpn/ccd/server-gw-ckubu/ANW-URB-VPN-gw-ckubu
+++ /dev/null
@@ -1,6 +0,0 @@
-ifconfig-push 10.1.132.2 255.255.255.0
-push "route 192.168.132.0 255.255.255.0 10.1.132.1"
-push "route 192.168.133.0 255.255.255.0 10.1.132.1"
-push "route 172.16.132.0 255.255.255.0 10.1.132.1"
-iroute 192.168.63.0 255.255.255.0
-iroute 192.168.64.0 255.255.255.0
diff --git a/ANW-URB/openvpn/ccd/server-home/ANW-Urban-VPN-chris b/ANW-URB/openvpn/ccd/server-home/ANW-Urban-VPN-chris
deleted file mode 100644
index a4db4ae..0000000
--- a/ANW-URB/openvpn/ccd/server-home/ANW-Urban-VPN-chris
+++ /dev/null
@@ -1,4 +0,0 @@
-ifconfig-push 10.0.132.3 255.255.255.0
-push "route 172.16.132.0 255.255.255.0"
-#push "route 192.168.1.0 255.255.255.0"
-
diff --git a/ANW-URB/openvpn/ccd/server-home/ANW-Urban-VPN-undine b/ANW-URB/openvpn/ccd/server-home/ANW-Urban-VPN-undine
deleted file mode 100644
index d0aacae..0000000
--- a/ANW-URB/openvpn/ccd/server-home/ANW-Urban-VPN-undine
+++ /dev/null
@@ -1,2 +0,0 @@
-ifconfig-push 10.0.132.4 255.255.255.0
-#push "route 192.168.1.0 255.255.255.0"
diff --git a/ANW-URB/openvpn/easy-rsa/1.0/README.gz b/ANW-URB/openvpn/easy-rsa/1.0/README.gz
deleted file mode 100644
index 471cc04646c372915c3cf2b29af5e92eafa5d7d2..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2612
zcmV-43d{8$iwFP!000021C?0sZ{xTT{jR@akQTTEu$BGU-Ua9fZ{poGF0r?^(`)*r
zpd~tHBZ)eZir4qo_sx*9WhYnkfB>;Aayav5=FOv)8{-Inid?CRg64}6J?R~ls#1@-
z)Rm`NWl#7#NLI?}oNPsYqsi8~a;~7vmROrpVJc1D+G2pm$|sqsXr*awTRb#jk5+Cs
zY#h#NSGj3)=54b}>{=eqVDKN`rj#4!8?$P?u~nKR%Z+xLRHLcUYu)H7(^OfnT}t%X
zHsrjnlhscC;~ea5Gv4Y3<g^ycUuVB8XIDwG@xH#gykyUx>ng3ZzuefZx9P^0MUqUW
zi{<F{Hc8&5G|r8uXVthgd6&{cd-{3&@bBx{^z-BkqNLgyAcGG*DAKH2)7lg|A%Z7a
z(dIga4uFrtdVer_GnpS*RJ4bNwi}aeXlsgsZDzLe3idcp$PpsUbmPt1WD0l;Nc#++
zEO8pIK3J(V`~YU8zr%?Eak|W!5MgeyPu%r#3TG_Wh4$F6HGV@)NyBChC@p;&^TO-V
zeEj+TmH-^>YzvI{QKZR-l+I^0N2rR6fT0CI4N%cV?idTkl<m~`75kAt<8h|)3a&rE
zV5tzc5-1{$4a!E#A&bes#thNBHy?iF2-pEshS*b$s;tQ+xZGAhcq$D(y25U86yTCo
zjm@-krg|I@QX%*O(PBq$-@N-k0k}0+@*1TDP(7AX-8Qv#QgNLZysm7WXTZ<_wen_F
zpiHyII!7x+jR<uNRUt{4;WaSE`2%WMi;7+>ZZDU&i<sL=XQ4Pg5~TsCzoe92W`$PO
z5J^w|n$pNg)C>x6JI;To2>>7l508NHW5s7T`qvgQVG)`V-gyQ~x)mEN!;o_Ca}7Ik
z8`~B+2l%9G&kn9l4n8odNO^slHD1t8GuOmDvFRPthJ6O^Xh;cFJlZJ4Sio|NqE?RT
z0@!=~9fesc1FJu#QUdYhO0xwiUgSKp^$y7G9b}6u?YCN2l7ZGEAY^E28z!<H$Ofl$
zPk6Ny_(nZzRJ$X)t@;>UvfWyl29)#ZesX(553~C@&3>8Ed^TIs^?1IVe4bp7mSY;-
zFTc*_ljQ@QUym;Ok1kOk!XN47sx?JE%oOuSruJarBcIeY8?W+Q6VeN@k&e2zb7wTA
z$#glM-;Hl3?8NI1o%llMwrj^Dw-|O#4kH8q<ip;@@a>OzDI2-WI^vL(jkUfH@*dlp
z$>-0L@$l>T_Vx~eeH+b3cVh&%pmTHqI#j_VS}<XHb-Lj~&^Q63LUmo!YnhAmD7t*J
z2ki)^#pKI$GW|mH@!#*qizS^;)(JOLq#N-+INom_2}emRN&k0d<Hi;RB3^O)f$6|G
z=Go+}DiSb=Z5~x+epBq^0N>Do&g9&Rwi2RW%SZ!Pp;$pXF_14H)mSs<jKC?57qo6{
zDXyNjx@!H#HpcH{64>@}Bjbmcc`&5Id0m%EgW_Y?qg{gzWE?f<zDkGz;~fPvgd@Y!
z<T=xv_s|4^iG&4(955?7E{V=>(d0aLyeh%>u{7Y=t!f@MMhU3E7SDR`A?O(_S~8v+
z)#O{#FjP3$ysRajCSgR>wr&g6&{nT#)!3~IL@+`=%NpKpF;Nf^qBZMXmq{6AEPR++
zc%U-Q#<>=lM1|uq2<wf-Fp$O#AqtR)QdX4tN7t5|SGQ4b`6HK*@&MCyRss}Zt}sQG
z%7d5AI}ViUl665xUC~*z8aAF?hyuCZSj#eqDpiKz^rB8Xi{U|!_jn8Nm{i11^mi3d
z(V@Ltm^~|ZZ0SsNN!LXf78HKxxz4=Ib%XdUN~N^OdK7M9xQBrXIlxDrT_YL*FvZbl
z(pt9E$TG6oRt7`p$lEagg2O*JNDJ7GPTy+gYtB!toZH$a4@iofSQV;z;#me<LorGx
z3jlRvo*9)m_~8O79`)tH7@=c3gE-}$6#>BQpJ77j^2jt?y2IgKB$et(hf_o;GaiR2
z$0(=*dP#nVe6bZ8$>=~aKpQ~mOfl@@anyF*m~(AiV|axaqC2R+oi}9=vwS3c!~R^x
z@N~8uU-iTgo*V}=kQDc_I^-uoTR}7{Vb$K_<fCLe1lLV~Ehxof(!#?(NB+MI#leGu
zb;`qwdOQ{#ub7I7IW-75!AfV$nt%?!b!z*-uyn$(GUP=uM{aiX8hb{K9BEL-7&rOv
z(V@ta(V7P)TidH0&O)4csHWErV$*v*9_-T%L^5r-tb?5{#K02gr;U99f4>zf>o4qP
zF>mPZ5c^r2CO@T!P$*?(*uTI$Nb|wMfDY-C8$c8%Y@C6qpzl{&%1p{KK*BhMIUKgU
zGK(?6c+URs(HqA#!`J5-5M3|EKcGHB&G%}Bqd7>B>ruzQOgW|k)1(JobwmG$!}kmR
zHlo|vHSUNH6fcY8n-}s>bQjn{hMLP71M&Q*E8WP@>U0v{xcl9L@EBaa#p0q34l#S~
zafgA^*~yP*K5Rz5OAh*7ZYH$}`Qy#GTxX<H0>_4mPfp9dFQtUw1Xd_Bdtju<q^!L-
zYqNQOhY-wun@qS@H@<(l@hNj}-|e@4`}ul7f5H!I7WMvu2hqunC=QPftK2odEO)j3
zTX=lIoYt!>2JBG&uNT^@tu^Rx?bm1^0^$GNQQ@UDS-%z{OCxD6B@!!GtT|M!QZXx2
zgtI7jy*$2Bh>9r4rTvT>yeNpEJx<j3<nG&Sz8p=_fJ;m2SuV^FP`DEF_4V$c^zQmf
z53CCL#{C}Y>^H=k6=A3~Mh6uYC_r9eL@^wf020Fj(Ag^7f!Y6%nL!w)jtdYQb%jiW
z=~yn%lL?AHrnpb6qUHD_*D}n9gPbtCc*^zMHY}|RzDOV+2dxb~==i0R%2;$1#%+R6
z1{wz6yxzaBLcy{eT(cUE@1Cxb<oxXged2t^7Z@+x>#4faLglnkAcbxWNv_eGq8!7F
zKgy*GB@)jW$~C>efZu&-FSx!ad{GFv5^qW6p(NJ0vDhsyjxX$@UJRKMk^9&-0_>G+
zCX#=Z8}gw;59865L>?SsSQQqf5>pXwDBW0Ke7P)ky-4DyF61V`uD$Snk4l{FoEE;i
z_o5#VUsG8AoZ_}oOo2LVJf71K{^4vE0j8Jl?iJ(_3}QgK@_dN<d?W+RZ@#RZzq^2X
z3|Sivec>?9O3QDwx>fsoKx`LLJzRUb_Lq(RkF?C;mU|eabo9D46G0tP!B>E&y<Zj|
zJM}&|rJ_sm<`ZWTL{nX~k4D7Y3qSe^dd(Lw3NCy|Ex#N)_CmJyJb{$g<x1!L7WAJV
z-~7aHedU;3dq_LSo_@HX1>d@Vw~2TtB446TVvY9J$dU1aerRxJ-5`MaRZVA^I_u>n
zyk!y#hd0ZIXoj7B4b@WUlPq->#lWf66N|x*o<)Stx_tqy#4l3&bsO$B+<V;{_V0`x
Wc$xN7XUH$jlK%pC_oVl`7XScWxfKck

diff --git a/ANW-URB/openvpn/easy-rsa/1.0/build-ca b/ANW-URB/openvpn/easy-rsa/1.0/build-ca
deleted file mode 100755
index 5ad59cc..0000000
--- a/ANW-URB/openvpn/easy-rsa/1.0/build-ca
+++ /dev/null
@@ -1,13 +0,0 @@
-#!/bin/sh
-
-#
-# Build a root certificate
-#
-
-if test $KEY_DIR; then
-	cd $KEY_DIR && \
-	openssl req -days 3650 -nodes -new -x509 -keyout ca.key -out ca.crt -config $KEY_CONFIG && \
-        chmod 0600 ca.key
-else
-	echo you must define KEY_DIR
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/1.0/build-dh b/ANW-URB/openvpn/easy-rsa/1.0/build-dh
deleted file mode 100755
index 6de4baf..0000000
--- a/ANW-URB/openvpn/easy-rsa/1.0/build-dh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/sh
-
-#
-# Build Diffie-Hellman parameters for the server side
-# of an SSL/TLS connection.
-#
-
-if test $KEY_DIR; then
-    openssl dhparam -out ${KEY_DIR}/dh${KEY_SIZE}.pem ${KEY_SIZE}
-else
-    echo you must define KEY_DIR
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/1.0/build-inter b/ANW-URB/openvpn/easy-rsa/1.0/build-inter
deleted file mode 100755
index 8b3a6b2..0000000
--- a/ANW-URB/openvpn/easy-rsa/1.0/build-inter
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/sh
-
-#
-# Make an intermediate CA certificate/private key pair using a locally generated
-# root certificate.
-#
-
-if test $# -ne 1; then
-        echo "usage: build-inter <name>";
-        exit 1
-fi                                                                             
-
-if test $KEY_DIR; then
-	cd $KEY_DIR && \
-	openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \
-	openssl ca -extensions v3_ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG
-else
-	echo you must define KEY_DIR
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/1.0/build-key b/ANW-URB/openvpn/easy-rsa/1.0/build-key
deleted file mode 100755
index 3159d2b..0000000
--- a/ANW-URB/openvpn/easy-rsa/1.0/build-key
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/bin/sh
-
-#
-# Make a certificate/private key pair using a locally generated
-# root certificate.
-#
-
-if test $# -ne 1; then
-        echo "usage: build-key <name>";
-        exit 1
-fi                                                                             
-
-if test $KEY_DIR; then
-	cd $KEY_DIR && \
-	openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \
-	openssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG && \
-	chmod 0600 $1.key
-else
-	echo you must define KEY_DIR
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/1.0/build-key-pass b/ANW-URB/openvpn/easy-rsa/1.0/build-key-pass
deleted file mode 100755
index 03ab304..0000000
--- a/ANW-URB/openvpn/easy-rsa/1.0/build-key-pass
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/bin/sh
-
-#
-# Similar to build-key, but protect the private key
-# with a password.
-#
-
-if test $# -ne 1; then
-        echo "usage: build-key-pass <name>";
-        exit 1
-fi
-
-if test $KEY_DIR; then
-	cd $KEY_DIR && \
-	openssl req -days 3650 -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \
-	openssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG && \
-	chmod 0600 $1.key
-else
-	echo you must define KEY_DIR
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/1.0/build-key-pkcs12 b/ANW-URB/openvpn/easy-rsa/1.0/build-key-pkcs12
deleted file mode 100755
index f8a057b..0000000
--- a/ANW-URB/openvpn/easy-rsa/1.0/build-key-pkcs12
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/sh
-
-#
-# Make a certificate/private key pair using a locally generated
-# root certificate and convert it to a PKCS #12 file including the
-# the CA certificate as well.
-
-if test $# -ne 1; then
-        echo "usage: build-key-pkcs12 <name>";
-        exit 1
-fi                                                                             
-
-if test $KEY_DIR; then
-	cd $KEY_DIR && \
-	openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -config $KEY_CONFIG && \
-	openssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG && \
-        openssl pkcs12 -export -inkey $1.key -in $1.crt -certfile ca.crt -out $1.p12 && \
-	chmod 0600 $1.key $1.p12
-else
-	echo you must define KEY_DIR
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/1.0/build-key-server b/ANW-URB/openvpn/easy-rsa/1.0/build-key-server
deleted file mode 100755
index 30dc41e..0000000
--- a/ANW-URB/openvpn/easy-rsa/1.0/build-key-server
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/bin/sh
-
-#
-# Make a certificate/private key pair using a locally generated
-# root certificate.
-#
-# Explicitly set nsCertType to server using the "server"
-# extension in the openssl.cnf file.
-
-if test $# -ne 1; then
-        echo "usage: build-key-server <name>";
-        exit 1
-fi                                                                             
-
-if test $KEY_DIR; then
-	cd $KEY_DIR && \
-	openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -extensions server -config $KEY_CONFIG && \
-	openssl ca -days 3650 -out $1.crt -in $1.csr -extensions server -config $KEY_CONFIG && \
-        chmod 0600 $1.key
-else
-	echo you must define KEY_DIR
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/1.0/build-req b/ANW-URB/openvpn/easy-rsa/1.0/build-req
deleted file mode 100755
index 30f62f5..0000000
--- a/ANW-URB/openvpn/easy-rsa/1.0/build-req
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/sh
-
-#
-# Build a certificate signing request and private key.  Use this
-# when your root certificate and key is not available locally.
-#
-
-if test $# -ne 1; then
-    echo "usage: build-req <name>";
-    exit 1
-fi                                                                             
-
-if test $KEY_DIR; then
-    cd $KEY_DIR && \
-    openssl req -days 3650 -nodes -new -keyout $1.key -out $1.csr -config $KEY_CONFIG
-else
-    echo you must define KEY_DIR
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/1.0/build-req-pass b/ANW-URB/openvpn/easy-rsa/1.0/build-req-pass
deleted file mode 100755
index 829b286..0000000
--- a/ANW-URB/openvpn/easy-rsa/1.0/build-req-pass
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/sh
-
-#
-# Like build-req, but protect your private key
-# with a password.
-#
-
-if test $# -ne 1; then
-    echo "usage: build-req-pass <name>";
-    exit 1
-fi                                                                             
-
-if test $KEY_DIR; then
-    cd $KEY_DIR && \
-    openssl req -days 3650 -new -keyout $1.key -out $1.csr -config $KEY_CONFIG
-else
-    echo you must define KEY_DIR
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/1.0/clean-all b/ANW-URB/openvpn/easy-rsa/1.0/clean-all
deleted file mode 100755
index d10aef5..0000000
--- a/ANW-URB/openvpn/easy-rsa/1.0/clean-all
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/sh
-
-#
-# Initialize the $KEY_DIR directory.
-# Note that this script does a
-# rm -rf on $KEY_DIR so be careful!
-#
-
-d=$KEY_DIR
-
-if test $d; then
-	rm -rf $d
-	mkdir $d && \
-	chmod go-rwx $d && \
-	touch $d/index.txt && \
-	echo 01 >$d/serial
-else
-	echo you must define KEY_DIR
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/1.0/list-crl b/ANW-URB/openvpn/easy-rsa/1.0/list-crl
deleted file mode 100644
index b214dbd..0000000
--- a/ANW-URB/openvpn/easy-rsa/1.0/list-crl
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/sh
-
-#
-# list revoked certificates
-#
-#
-
-if test $# -ne 1; then
-        echo "usage: list-crl <crlfile.pem>";
-        exit 1
-fi
-
-if test $KEY_DIR; then
-       cd $KEY_DIR && \
-       openssl crl -text -noout -in $1
-else
-       echo you must define KEY_DIR
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/1.0/make-crl b/ANW-URB/openvpn/easy-rsa/1.0/make-crl
deleted file mode 100644
index 62fe6c1..0000000
--- a/ANW-URB/openvpn/easy-rsa/1.0/make-crl
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/sh
-
-#
-# generate a CRL
-#
-#
-
-if test $# -ne 1; then
-        echo "usage: make-crl <crlfile.pem>";
-        exit 1
-fi
-
-if test $KEY_DIR; then
-       cd $KEY_DIR && \
-       openssl ca -gencrl -out $1 -config $KEY_CONFIG
-else
-       echo you must define KEY_DIR
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/1.0/openssl.cnf b/ANW-URB/openvpn/easy-rsa/1.0/openssl.cnf
deleted file mode 100644
index 270b069..0000000
--- a/ANW-URB/openvpn/easy-rsa/1.0/openssl.cnf
+++ /dev/null
@@ -1,255 +0,0 @@
-#
-# OpenSSL example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-# This definition stops the following lines choking if HOME isn't
-# defined.
-HOME			= .
-RANDFILE		= $ENV::HOME/.rnd
-
-# Extra OBJECT IDENTIFIER info:
-#oid_file		= $ENV::HOME/.oid
-oid_section		= new_oids
-
-# To use this configuration file with the "-extfile" option of the
-# "openssl x509" utility, name here the section containing the
-# X.509v3 extensions to use:
-# extensions		= 
-# (Alternatively, use a configuration file that has only
-# X.509v3 extensions in its main [= default] section.)
-
-[ new_oids ]
-
-# We can add new OIDs in here for use by 'ca' and 'req'.
-# Add a simple OID like this:
-# testoid1=1.2.3.4
-# Or use config file substitution like this:
-# testoid2=${testoid1}.5.6
-
-####################################################################
-[ ca ]
-default_ca	= CA_default		# The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir		= $ENV::KEY_DIR		# Where everything is kept
-certs		= $dir			# Where the issued certs are kept
-crl_dir		= $dir			# Where the issued crl are kept
-database	= $dir/index.txt	# database index file.
-new_certs_dir	= $dir			# default place for new certs.
-
-certificate	= $dir/ca.crt	 	# The CA certificate
-serial		= $dir/serial 		# The current serial number
-crl		= $dir/crl.pem 		# The current CRL
-private_key	= $dir/ca.key	 	# The private key
-RANDFILE	= $dir/.rand		# private random number file
-
-x509_extensions	= usr_cert		# The extentions to add to the cert
-
-# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
-# so this is commented out by default to leave a V1 CRL.
-# crl_extensions	= crl_ext
-
-default_days	= 3650			# how long to certify for
-default_crl_days= 30			# how long before next CRL
-default_md	= md5			# which md to use.
-preserve	= no			# keep passed DN ordering
-
-# A few difference way of specifying how similar the request should look
-# For type CA, the listed attributes must be the same, and the optional
-# and supplied fields are just that :-)
-policy		= policy_match
-
-# For the CA policy
-[ policy_match ]
-countryName		= match
-stateOrProvinceName	= match
-organizationName	= match
-organizationalUnitName	= optional
-commonName		= supplied
-emailAddress		= optional
-
-# For the 'anything' policy
-# At this point in time, you must list all acceptable 'object'
-# types.
-[ policy_anything ]
-countryName		= optional
-stateOrProvinceName	= optional
-localityName		= optional
-organizationName	= optional
-organizationalUnitName	= optional
-commonName		= supplied
-emailAddress		= optional
-
-####################################################################
-[ req ]
-default_bits		= $ENV::KEY_SIZE
-default_keyfile 	= privkey.pem
-distinguished_name	= req_distinguished_name
-attributes		= req_attributes
-x509_extensions	= v3_ca	# The extentions to add to the self signed cert
-
-# Passwords for private keys if not present they will be prompted for
-# input_password = secret
-# output_password = secret
-
-# This sets a mask for permitted string types. There are several options. 
-# default: PrintableString, T61String, BMPString.
-# pkix	 : PrintableString, BMPString.
-# utf8only: only UTF8Strings.
-# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
-# MASK:XXXX a literal mask value.
-# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
-# so use this option with caution!
-string_mask = nombstr
-
-# req_extensions = v3_req # The extensions to add to a certificate request
-
-[ req_distinguished_name ]
-countryName			= Country Name (2 letter code)
-countryName_default		= $ENV::KEY_COUNTRY
-countryName_min			= 2
-countryName_max			= 2
-
-stateOrProvinceName		= State or Province Name (full name)
-stateOrProvinceName_default	= $ENV::KEY_PROVINCE
-
-localityName			= Locality Name (eg, city)
-localityName_default		= $ENV::KEY_CITY
-
-0.organizationName		= Organization Name (eg, company)
-0.organizationName_default	= $ENV::KEY_ORG
-
-# we can do this but it is not needed normally :-)
-#1.organizationName		= Second Organization Name (eg, company)
-#1.organizationName_default	= World Wide Web Pty Ltd
-
-organizationalUnitName		= Organizational Unit Name (eg, section)
-#organizationalUnitName_default	=
-
-commonName			= Common Name (eg, your name or your server\'s hostname)
-commonName_max			= 64
-
-emailAddress			= Email Address
-emailAddress_default		= $ENV::KEY_EMAIL
-emailAddress_max		= 40
-
-# SET-ex3			= SET extension number 3
-
-[ req_attributes ]
-challengePassword		= A challenge password
-challengePassword_min		= 4
-challengePassword_max		= 20
-
-unstructuredName		= An optional company name
-
-[ usr_cert ]
-
-# These extensions are added when 'ca' signs a request.
-
-# This goes against PKIX guidelines but some CAs do it and some software
-# requires this to avoid interpreting an end user certificate as a CA.
-
-basicConstraints=CA:FALSE
-
-# Here are some examples of the usage of nsCertType. If it is omitted
-# the certificate can be used for anything *except* object signing.
-
-# This is OK for an SSL server.
-# nsCertType			= server
-
-# For an object signing certificate this would be used.
-# nsCertType = objsign
-
-# For normal client use this is typical
-# nsCertType = client, email
-
-# and for everything including object signing:
-# nsCertType = client, email, objsign
-
-# This is typical in keyUsage for a client certificate.
-# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-# This will be displayed in Netscape's comment listbox.
-nsComment			= "OpenSSL Generated Certificate"
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-
-# This stuff is for subjectAltName and issuerAltname.
-# Import the email address.
-# subjectAltName=email:copy
-
-# Copy subject details
-# issuerAltName=issuer:copy
-
-#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
-#nsBaseUrl
-#nsRevocationUrl
-#nsRenewalUrl
-#nsCaPolicyUrl
-#nsSslServerName
-
-[ server ]
-
-# JY ADDED -- Make a cert with nsCertType set to "server"
-basicConstraints=CA:FALSE
-nsCertType			= server
-nsComment			= "OpenSSL Generated Server Certificate"
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-
-[ v3_req ]
-
-# Extensions to add to a certificate request
-
-basicConstraints = CA:FALSE
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-[ v3_ca ]
-
-
-# Extensions for a typical CA
-
-
-# PKIX recommendation.
-
-subjectKeyIdentifier=hash
-
-authorityKeyIdentifier=keyid:always,issuer:always
-
-# This is what PKIX recommends but some broken software chokes on critical
-# extensions.
-#basicConstraints = critical,CA:true
-# So we do this instead.
-basicConstraints = CA:true
-
-# Key usage: this is typical for a CA certificate. However since it will
-# prevent it being used as an test self-signed certificate it is best
-# left out by default.
-# keyUsage = cRLSign, keyCertSign
-
-# Some might want this also
-# nsCertType = sslCA, emailCA
-
-# Include email address in subject alt name: another PKIX recommendation
-# subjectAltName=email:copy
-# Copy issuer details
-# issuerAltName=issuer:copy
-
-# DER hex encoding of an extension: beware experts only!
-# obj=DER:02:03
-# Where 'obj' is a standard or added object
-# You can even override a supported extension:
-# basicConstraints= critical, DER:30:03:01:01:FF
-
-[ crl_ext ]
-
-# CRL extensions.
-# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
-
-# issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always,issuer:always
diff --git a/ANW-URB/openvpn/easy-rsa/1.0/revoke-crt b/ANW-URB/openvpn/easy-rsa/1.0/revoke-crt
deleted file mode 100644
index 35b071a..0000000
--- a/ANW-URB/openvpn/easy-rsa/1.0/revoke-crt
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/sh
-
-#
-# revoke a certificate
-#
-#
-
-if test $# -ne 1; then
-        echo "usage: revoke-crt <file.crt>";
-        exit 1
-fi
-
-if test $KEY_DIR; then
-       cd $KEY_DIR && \
-       openssl ca -revoke $1 -config $KEY_CONFIG
-else
-       echo you must define KEY_DIR
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/1.0/revoke-full b/ANW-URB/openvpn/easy-rsa/1.0/revoke-full
deleted file mode 100755
index 66ea03f..0000000
--- a/ANW-URB/openvpn/easy-rsa/1.0/revoke-full
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/sh
-
-# revoke a certificate, regenerate CRL,
-# and verify revocation
-
-CRL=crl.pem
-RT=revoke-test.pem
-
-if test $# -ne 1; then
-        echo "usage: revoke-full <name>";
-        exit 1
-fi
-
-if test $KEY_DIR; then
-       cd $KEY_DIR
-       rm -f $RT
-
-       # revoke key and generate a new CRL
-       openssl ca -revoke $1.crt -config $KEY_CONFIG
-
-       # generate a new CRL
-       openssl ca -gencrl -out $CRL -config $KEY_CONFIG
-       cat ca.crt $CRL >$RT
-    
-       # verify the revocation
-       openssl verify -CAfile $RT -crl_check $1.crt
-else
-       echo you must define KEY_DIR
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/1.0/sign-req b/ANW-URB/openvpn/easy-rsa/1.0/sign-req
deleted file mode 100755
index 59edc42..0000000
--- a/ANW-URB/openvpn/easy-rsa/1.0/sign-req
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/sh
-
-#
-# Sign a certificate signing request (a .csr file)
-# with a local root certificate and key.
-#
-
-if test $# -ne 1; then
-        echo "usage: sign-req <name>";
-        exit 1
-fi                                                                             
-
-if test $KEY_DIR; then
-	cd $KEY_DIR && \
-	openssl ca -days 3650 -out $1.crt -in $1.csr -config $KEY_CONFIG
-else
-	echo you must define KEY_DIR
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/1.0/vars b/ANW-URB/openvpn/easy-rsa/1.0/vars
deleted file mode 100644
index da89cd2..0000000
--- a/ANW-URB/openvpn/easy-rsa/1.0/vars
+++ /dev/null
@@ -1,49 +0,0 @@
-# easy-rsa parameter settings
-
-# NOTE: If you installed from an RPM,
-# don't edit this file in place in
-# /usr/share/openvpn/easy-rsa --
-# instead, you should copy the whole
-# easy-rsa directory to another location
-# (such as /etc/openvpn) so that your
-# edits will not be wiped out by a future
-# OpenVPN package upgrade.
-
-# This variable should point to
-# the top level of the easy-rsa
-# tree.
-export D=`pwd`
-
-# This variable should point to
-# the openssl.cnf file included
-# with easy-rsa.
-export KEY_CONFIG=$D/openssl.cnf
-
-# Edit this variable to point to
-# your soon-to-be-created key
-# directory.
-#
-# WARNING: clean-all will do
-# a rm -rf on this directory
-# so make sure you define
-# it correctly!
-export KEY_DIR=$D/keys
-
-# Issue rm -rf warning
-echo NOTE: when you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
-
-# Increase this to 2048 if you
-# are paranoid.  This will slow
-# down TLS negotiation performance
-# as well as the one-time DH parms
-# generation process.
-export KEY_SIZE=1024
-
-# These are the default values for fields
-# which will be placed in the certificate.
-# Don't leave any of these fields blank.
-export KEY_COUNTRY=KG
-export KEY_PROVINCE=NA
-export KEY_CITY=BISHKEK
-export KEY_ORG="OpenVPN-TEST"
-export KEY_EMAIL="me@myhost.mydomain"
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/Makefile b/ANW-URB/openvpn/easy-rsa/2.0/Makefile
deleted file mode 100644
index 8000cc5..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/Makefile
+++ /dev/null
@@ -1,13 +0,0 @@
-
-DESTDIR=
-PREFIX=
-
-all:
-	echo "All done."
-	echo "Run make install DESTDIR=/usr/share/somewhere"
-
-install:
-	install -d "${DESTDIR}/${PREFIX}"
-	install -m 0755 build-* "${DESTDIR}/${PREFIX}"
-	install -m 0755 clean-all list-crl inherit-inter pkitool revoke-full sign-req whichopensslcnf "${DESTDIR}/${PREFIX}"
-	install -m 0644 openssl-0.9.6.cnf openssl-0.9.8.cnf openssl-1.0.0.cnf README vars "${DESTDIR}/${PREFIX}"
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/README.gz b/ANW-URB/openvpn/easy-rsa/2.0/README.gz
deleted file mode 100644
index ad3896f45d77e9f3d35f32ff3b4abfd4af3ed455..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 3757
zcmV;e4pQ+SiwFP!000021Fc$ZbK5o&{(SrusPATK--wj$B-hr{%Z%$dttW}?vFxV3
zPA3DAkc2ZyumEXA{q^_k0-#9QNj~&6okk*n#lAlKLZ6?`eob#?r{ZU2oi?>N&JI(X
zA0^4{N;`r7q;QoiOF^6N)kajZmP=Ksx)qJg@9}*i=F+J`;B>oE!ZfOOu1s=MVQ(Qy
zT`SQVQ%<lfTan9J%#~P}4vX5KQPOQv>u^^$FSJ#8YwRX53tqee!Jn@$MWJ15^}K7r
zXC}n^l`cV;*d*%2Yh!gK?MCFL&XuiIk*syQ+GTrTEYqFM-U^~Co2JycB(lOmCJ3ZG
zo3eB!0k0j2N5|%!E(={R#ahh;u4wgwPAZp?!jw}&S|zMnD67DNs12<N@fv4ctD1Da
zN$Fq64OzOJ?sOC36bYh|pRV5DUY#V#s%@K->6A42(9~J2+Ud%yTa&HYstl$H$|tc$
z>d&Uly=H~D-0G&q?KfS$eatE`T?<Z^9qGfdWKtBWmC$G*R;p}7rJN)3`|Fj?SL_H-
z25trW1$0uH^#O#wQ6+4r#3c#JgrX@^cv6!5Q@k?{D(`BRRhGKlh?NA-O4Vd1XG&c_
zgX9XWVF@CmqL+Zw2X|^<qq!y$6G1N7SoNSy=fXbRZ%rkRvO~C0zQTFBhb)$o2aqrJ
zzfz~{gR*R{#+nCRfCFrIZ8vu~>7~y3mY_~>S9k`klBHN1d!Lbjah;@+B2DMA#nDA6
zmttSla!x9pZ=l|V?8^2akY1`<S@IlQ27cU>yvd1ZoLVXNGg)s)G1v<IJ;2&^(~(KH
zIwC)Htp=l!Bs->?5><FEQ5jNzv{lp6)A<I+{RWaMP2)CZo@Iki<M2vZ-TKv_>a7WT
z<&o`kXog6W>LJ2fT)(*x)|l42Cpcvy6=aKih5%yAv@AX#L4v?aFL7^Lss~jP9SA)`
zm=LP4(+1>tiaVSpZYpDGePMc00yJfLy$}mRk6w(*6yQV^Th)RW=oA4=-T+%OZ$p6F
zQqgr@cBBK|61@`VdRVhQOkB^&gS74wEWi+a&BBxjGO~{P*jiEv4r%fyheNO=pOOVG
zJ`v}@@ehFLi8wp`aQ@5n#m)HyC*GX@8h-URSMpw^xh**!z^dV&Z68Bh(pFXGfx@CL
z$e;{tO$mHtfA)dE#}{4MqfNYK@5(M^t^brh?8RNJ+dc8ii^K0AwknI52ApcW58?_U
zNgQ9@2>_qArY2M4a1<N|7GzY4OHxcQRk#!w74!^eD-rOE1rmv4vTt?WeVl@ckK!R@
zI%Jn<pA451)9-a%n6>M-?62WkEmVQnM-E_0agPH`mInlkz_yjFmvA29<1XxbtQ(@@
zpCUR2zCU48#OMVp`*7Z_AyhnIQm|Ims46-eKjY}`Q>EA^?1C!2VZ5(ITs+8Fx|&7U
z1F;nH>BT0}-6NVC)7d`LdT=CgG4(<(`C?=#;}dw?MHaN`zu<sj3VUniGa5xH*@y6$
zsFa#R)*~O{!%-TRK^etR7hv^{^G;0CL3P?8Eed>wYW<$Tz|?6iEA^6=DGP;)fK#M3
zaMsSMZEc`SLSm<vC=Lep@Ej7W!<;UDH629h;H_W<j@N4PyiM>05Umv8dO(PBmQO50
zLX=q6@D>zGfcBP50d)gah%zBP5dgD|TzUt1WOS@kDvFBi>5=1bz~V#|aR>xHWo2yB
zHdwW@zT}|`JTP6qIh+0c=m^=fX$&A?O&N{wg;!s*MT}D(#Fg_&yU!r84g;@!CfY5N
z2$N2IIKu-%eb=L8ENR%wB%z-Rs!*O)9H@{(by}E8>Uzgs9)3|ll1rYJ?IqkI!i<@t
zxFMT!iGY-$*q=h7wO+5YxhAhv8GLFATWlz>+_bM|0$EwM<ZaU=xwxF&p1ytCbDtzf
znK&;{Ia26l$#I5!)iR!)U0uGu_>qllpgR%joZMIn-<VI*?*r_-q|8FjK29!dKJCV3
zaPn+>&8v%>(H(Mt4?grLr4eB`0I7q0ihyJ?Hj+?n&X}Poi4CZ*uOcNPBY_F;etJRG
za$&r2={qM*=)3?Jw=pZ)N~CtdAo9aGZ9F@@Ie&fkR-mxuXmDF8vgCOt_OBYBIu5*6
z4OC`*?%?E4S|&OTo-%kj4Tl40O0Z6WTS<s5SryD!O>X3ThM8Ub=bTh@eE9rZl7JXM
zf@6Bp%Gzj7dl0Msx)s2(LO8f1u7bLF7eR|7&-X!1`h!M+4M&H^&xKdqf;t}tG6W0f
ztIjsYaYqojpnX+`5_zur5*JpNxit=jfuVvzsUWI^k#gN|jYT>@zoc@)H?%U-+qbh|
z+W^B^@?xaM3oj={Z(YQc7GmDp4owNUL~uy)^55bx`!4%t(yx%)vSfX2LOh$=w-FRt
z6iR$P&x~E3(B{+=%ssuML-YmwRMkr;=tFa#JAjT~%%0KO9Vfp>#THmDjVwH9@ZmuJ
zt`23P2*l7@!dBq|7uCUgf0n-CfHt9908Oz$MC<$m|MmwxmF>ZQWg_zq_YJ;Ha}*hM
z3VkHsX5!SbRvDwzP8|8z^7YfG+NA_U+Oz794!(g+d@+<vmI3_H0WM-PYF!wjQE_m>
zm{amcN@Nr-Ahebx%a&0YM+CCm*>I+>vIuS|FTs-RGRzUmmRgmL+a*dWsP4!+J|e(@
zuT)oEyt}@-xjntSMb`;LdEmeR#K85*P2WKex=vw`^qnpWa@@8BiUV%|u~hKO4mrc>
zKhZS$>?HtRic&@NREDbBhj-Y5Dn?fbYzN0}Lw}O^#5&;u793m7iVEeuMWgKuu>PLn
z6glE?3Qjl|#wH)+Lnif=k@amm)Pk<Ph0+&<C#c4`ji)@gaWssOIeB}j-703hiNLQ`
z^>Ykk$$hZ3>1P1QGy6ve;s@$H15iCtA^6nQsGOegz@p<aDEJPw00>%K)GuXRvEIBs
zdv^ToAvN#lt9a5v$#c{{Fag+wlg7x8M$H@WV_3t5dh4Ajl;F>sc=O-Hr#|P8xMUjX
z|L?=}&b*g!YFcUl(+uGxTe!qy)<~-Ns6xV-(~iooHh4lZ-V3fzmsatVXlH5nqRDu3
zxR(#jym>!$=)4Akuc!$o5h8ox&}Z5E0uQ|V64?|b+fD-+MsVK!LX3@yz>{Pk0QG$>
znnL(z+7deWZh+Ug%kl}nG>G$9kuvs2@1fwJnC46w-Q8CpXdmxg=#T#BP*@b+wYlB$
zh51%=1eFHuQLCgLP(5p3I1Ujtw$c7dU*Cr=_3TviL#$j6qP1^ihN@r!TzT!MX&!4R
z{h(;vwg2p(Z}3u5PU@Al-4(}h5$ueQzB~tHPeZrFeN6y?KH$bvJm1;yS*kZ<sr(o^
z229DoQmFew=Y+^^%5JH-iG9S!&_Yk~f<_g^32aLx%$N&4I^g7MhpaJI)GzoxKa|X2
zut+V&{__Jt?)zy7L@7b`qAV8ubg+l7<b84g&u6C|#>bwG9!TyD?BY=`ICz}TZly_M
zO7`ATsvRpuiizke;w{x3ik^=FMTmZRb$dQbk{Ok|L%;O}EyZ7~x;~QbkX3mb=k%0P
za*|xXxwyT$dW)ho=fSOa*CfuXXx_@b^GQF#`pt0h=dvvOUHmramVZxtS;!a1ktIGS
z!hfv@_4nh*lJ`(8gEUTisNo1d18(>gEb*6k@ZVGm`_uhs@nkfNq<eVXMbJF)Guokt
z1OmE6G;TN0SP`n-QWt~8(U>u8Y9tD3zX_JI8^lIq^#kpobmeDv*t13w=L1wlg#%oQ
z^<AwLXS16LO@pZyA~Sm#$g@RI!;;6H+$XUQ%x*jrR9PPLo&h;nX3pKIuf~rVf42LN
z#`}lvgAk2fdu#4hOc|w~dq(0S9$0BN(OjizN6Yjetf9agA2mLT@qB-!J_>3+>*Ybb
zNX}LH#BP3`%&4A~B?Yw^`kR+3rCS}}MOD;@8TVyDdNTe>w@Zfg5%_U`O)vdb<b|F9
zeM8|*?moWo)#>Gr=Qme(v#-AT>aSblk$(LpUcLO%g*1BYr=E)X<Tg&1heO9jNk;MM
zf0*nhe%J&+#uCs=`w_g@3%|1|k=mp7;u07%A!=w+Y#UK{VU=6)n14J}lD@<ABY;o}
z^sj5iv$47eeUj~Ju{Y?h_}bUHrjgskH(4}s?CQa=X+J>S0o~?fe@LBQf)JUDI@IRl
zw$}s2LPAuc&y6_G(|pI8`gWCasDB-iB|nBJEJB0DnTiHE4s9^Mve~|_3`qhe+JDWP
z<76aE(L)*Xk2t*P2Q3qNTf~5%>tKTee$~V2fJ^F^9sq|}!1YSlM~F7uhu>5#swPeh
z_6fTDg?^yP<x=3Ci11ZjMiB8SZTeK+rfcz=&up7joEf02+qs<6iNB?9Rq2*bx5!^+
zxL8rT;h8DyRjg>X!@ofI6^aF|#80X$EBFx2cq;0cnEPUNkeq*%=<Iwn#q2pqI^hFK
zKWvlFu)lobRG)D^d1{<<QgmZ2r1S05h+<H?|L15xaW6dD8<L%lk9*S{i6_L^3u~V{
z9>nlFk4ML!;5<+~{sKjx1^wP<j~ROQ=r{#JpB#;?ctWxzNM7WRK7Ufe=X;ca86(u7
zJBVWkt`G+5rtCc+2Wnikj)?7;yye*n{?Go>-@p6HlV3dt&wi|-&wftn{X6}oKsJ5q
zrDyh7!$)G;IXgwRnfl-K^++6wLqy8qvnbCC<o3NF?~5;Rv8&h@pRrUdNp3d{y*CLH
z4H`9s<jHx%skUoSz<aXQCXRW6Yfc8ez%kzyF#X#5T)))UaI*Kyp6aWgDC8>|_w3>~
z11!HxqtO3N#R0yj)en}_el|ldlz*r9Ji`o0NH!P?(l7s~2E{6>t(EtbE(EF}w8y$a
zFH3*^peZTM(G@Q({XvW$*KGfWBcjR9!vF|TTcg#WxSbQjAb!Fkvf$h`=(%{h7Ry%{
X>f}k8$CswHS||SlDzl~tQzQTYm|t1I

diff --git a/ANW-URB/openvpn/easy-rsa/2.0/build-ca b/ANW-URB/openvpn/easy-rsa/2.0/build-ca
deleted file mode 100755
index bce29a6..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/build-ca
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/sh
-
-#
-# Build a root certificate
-#
-
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --initca $*
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/build-dh b/ANW-URB/openvpn/easy-rsa/2.0/build-dh
deleted file mode 100755
index 4beb127..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/build-dh
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/sh
-
-# Build Diffie-Hellman parameters for the server side
-# of an SSL/TLS connection.
-
-if [ -d $KEY_DIR ] && [ $KEY_SIZE ]; then
-    $OPENSSL dhparam -out ${KEY_DIR}/dh${KEY_SIZE}.pem ${KEY_SIZE}
-else
-    echo 'Please source the vars script first (i.e. "source ./vars")'
-    echo 'Make sure you have edited it to reflect your configuration.'
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/build-inter b/ANW-URB/openvpn/easy-rsa/2.0/build-inter
deleted file mode 100755
index 87bf98d..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/build-inter
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-# Make an intermediate CA certificate/private key pair using a locally generated
-# root certificate.
-
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --inter $*
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/build-key b/ANW-URB/openvpn/easy-rsa/2.0/build-key
deleted file mode 100755
index 6c0fed8..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/build-key
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-# Make a certificate/private key pair using a locally generated
-# root certificate.
-
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact $*
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/build-key-pass b/ANW-URB/openvpn/easy-rsa/2.0/build-key-pass
deleted file mode 100755
index 8ef8307..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/build-key-pass
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-# Similar to build-key, but protect the private key
-# with a password.
-
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --pass $*
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/build-key-pkcs12 b/ANW-URB/openvpn/easy-rsa/2.0/build-key-pkcs12
deleted file mode 100755
index ba90e6a..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/build-key-pkcs12
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/sh
-
-# Make a certificate/private key pair using a locally generated
-# root certificate and convert it to a PKCS #12 file including the
-# the CA certificate as well.
-
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --pkcs12 $*
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/build-key-server b/ANW-URB/openvpn/easy-rsa/2.0/build-key-server
deleted file mode 100755
index fee0194..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/build-key-server
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh
-
-# Make a certificate/private key pair using a locally generated
-# root certificate.
-#
-# Explicitly set nsCertType to server using the "server"
-# extension in the openssl.cnf file.
-
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --server $*
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/build-req b/ANW-URB/openvpn/easy-rsa/2.0/build-req
deleted file mode 100755
index 559d512..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/build-req
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-# Build a certificate signing request and private key.  Use this
-# when your root certificate and key is not available locally.
-
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --csr $*
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/build-req-pass b/ANW-URB/openvpn/easy-rsa/2.0/build-req-pass
deleted file mode 100755
index b73ee1b..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/build-req-pass
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-# Like build-req, but protect your private key
-# with a password.
-
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --csr --pass $*
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/clean-all b/ANW-URB/openvpn/easy-rsa/2.0/clean-all
deleted file mode 100755
index cc6e3b2..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/clean-all
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/bin/sh
-
-# Initialize the $KEY_DIR directory.
-# Note that this script does a
-# rm -rf on $KEY_DIR so be careful!
-
-if [ "$KEY_DIR" ]; then
-    rm -rf "$KEY_DIR"
-    mkdir "$KEY_DIR" && \
-	chmod go-rwx "$KEY_DIR" && \
-	touch "$KEY_DIR/index.txt" && \
-	echo 01 >"$KEY_DIR/serial"
-else
-    echo 'Please source the vars script first (i.e. "source ./vars")'
-    echo 'Make sure you have edited it to reflect your configuration.'
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/inherit-inter b/ANW-URB/openvpn/easy-rsa/2.0/inherit-inter
deleted file mode 100755
index aaa5168..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/inherit-inter
+++ /dev/null
@@ -1,39 +0,0 @@
-#!/bin/sh
-
-# Build a new PKI which is rooted on an intermediate certificate generated
-# by ./build-inter or ./pkitool --inter from a parent PKI.  The new PKI should
-# have independent vars settings, and must use a different KEY_DIR directory
-# from the parent.  This tool can be used to generate arbitrary depth
-# certificate chains.
-#
-# To build an intermediate CA, follow the same steps for a regular PKI but
-# replace ./build-key or ./pkitool --initca with this script.
-
-# The EXPORT_CA file will contain the CA certificate chain and should be
-# referenced by the OpenVPN "ca" directive in config files.  The ca.crt file
-# will only contain the local intermediate CA -- it's needed by the easy-rsa
-# scripts but not by OpenVPN directly.
-EXPORT_CA="export-ca.crt"
-
-if [ $# -ne 2 ]; then
-    echo "usage: $0 <parent-key-dir> <common-name>"
-    echo "parent-key-dir: the KEY_DIR directory of the parent PKI"
-    echo "common-name: the common name of the intermediate certificate in the parent PKI"
-    exit 1;
-fi
-
-if [ "$KEY_DIR" ]; then
-    cp "$1/$2.crt" "$KEY_DIR/ca.crt"
-    cp "$1/$2.key" "$KEY_DIR/ca.key"
-
-    if [ -e "$1/$EXPORT_CA" ]; then
-	PARENT_CA="$1/$EXPORT_CA"
-    else
-	PARENT_CA="$1/ca.crt"
-    fi
-    cp "$PARENT_CA" "$KEY_DIR/$EXPORT_CA"
-    cat "$KEY_DIR/ca.crt" >> "$KEY_DIR/$EXPORT_CA"
-else
-    echo 'Please source the vars script first (i.e. "source ./vars")'
-    echo 'Make sure you have edited it to reflect your configuration.'
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/01.pem b/ANW-URB/openvpn/easy-rsa/2.0/keys/01.pem
deleted file mode 100644
index 1a046ed..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/01.pem
+++ /dev/null
@@ -1,76 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 1 (0x1)
-        Signature Algorithm: sha1WithRSAEncryption
-        Issuer: C=BR, ST=SP, L=Sao Paulo, O=Debian For Alix - DUMMY CHANGE IT, OU=Linux Projects, CN=Debian For Alix CA/emailAddress=no-mail@site
-        Validity
-            Not Before: May 12 03:02:28 2012 GMT
-            Not After : May 10 03:02:28 2022 GMT
-        Subject: C=BR, ST=SP, L=Sao Paulo, O=Debian For Alix, CN=crl-test.site/emailAddress=no-mail@site
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:c5:ea:a1:09:d0:00:af:07:54:12:6c:96:83:dc:
-                    2a:6e:10:db:57:0c:a9:70:8e:cd:3a:d4:c7:cf:bc:
-                    f8:8e:88:85:9c:59:26:fe:94:93:78:a6:7e:48:41:
-                    ce:78:12:55:1c:18:60:93:66:ab:35:9b:10:60:67:
-                    48:6e:e5:ef:01:d6:2b:33:24:73:66:ba:50:5f:90:
-                    bc:05:95:1c:fd:9a:82:e4:41:81:bb:a8:45:c3:9a:
-                    09:a3:8b:7a:00:fe:00:9f:bd:cf:15:42:5b:53:38:
-                    0d:8d:b4:90:c9:26:f3:2b:aa:de:a4:e9:eb:1c:e4:
-                    ab:e7:a9:0a:85:e4:72:53:8d
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            Netscape Cert Type: 
-                SSL Server
-            Netscape Comment: 
-                Easy-RSA Generated Server Certificate
-            X509v3 Subject Key Identifier: 
-                2E:44:CD:9A:53:C1:1D:BC:4C:4D:58:7F:52:62:AF:7B:AC:C9:FF:3A
-            X509v3 Authority Key Identifier: 
-                keyid:8C:A5:DB:53:21:BD:5F:61:E1:56:ED:7A:9B:A5:02:BD:2E:23:AA:A6
-                DirName:/C=BR/ST=SP/L=Sao Paulo/O=Debian For Alix - DUMMY CHANGE IT/OU=Linux Projects/CN=Debian For Alix CA/emailAddress=no-mail@site
-                serial:8E:68:E2:9B:06:CB:D1:65
-
-            X509v3 Extended Key Usage: 
-                TLS Web Server Authentication
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-    Signature Algorithm: sha1WithRSAEncryption
-        27:8b:a6:82:17:72:9d:e5:31:b5:14:58:a1:40:93:15:50:47:
-        d6:73:ff:55:79:cb:bc:d6:e3:e5:d7:1b:5d:77:c8:ad:a4:1f:
-        f0:2a:a3:de:81:4f:58:87:b9:38:49:42:69:53:51:87:79:ba:
-        23:48:51:5d:b1:19:88:a0:6c:a2:1c:79:c3:7f:02:62:61:56:
-        3e:1f:73:ec:e6:d1:33:22:ed:3d:60:3a:35:a4:8c:07:88:cc:
-        25:b2:d8:2c:ac:db:47:a4:a6:72:30:e3:09:0c:0f:6d:bd:e7:
-        bf:b7:77:af:89:8e:89:cb:7e:23:6b:9d:42:7e:b3:22:d9:aa:
-        e0:67
------BEGIN CERTIFICATE-----
-MIIEITCCA4qgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBrTELMAkGA1UEBhMCQlIx
-CzAJBgNVBAgTAlNQMRIwEAYDVQQHEwlTYW8gUGF1bG8xKjAoBgNVBAoTIURlYmlh
-biBGb3IgQWxpeCAtIERVTU1ZIENIQU5HRSBJVDEXMBUGA1UECxMOTGludXggUHJv
-amVjdHMxGzAZBgNVBAMTEkRlYmlhbiBGb3IgQWxpeCBDQTEbMBkGCSqGSIb3DQEJ
-ARYMbm8tbWFpbEBzaXRlMB4XDTEyMDUxMjAzMDIyOFoXDTIyMDUxMDAzMDIyOFow
-fTELMAkGA1UEBhMCQlIxCzAJBgNVBAgTAlNQMRIwEAYDVQQHEwlTYW8gUGF1bG8x
-GDAWBgNVBAoTD0RlYmlhbiBGb3IgQWxpeDEWMBQGA1UEAxMNY3JsLXRlc3Quc2l0
-ZTEbMBkGCSqGSIb3DQEJARYMbm8tbWFpbEBzaXRlMIGfMA0GCSqGSIb3DQEBAQUA
-A4GNADCBiQKBgQDF6qEJ0ACvB1QSbJaD3CpuENtXDKlwjs061MfPvPiOiIWcWSb+
-lJN4pn5IQc54ElUcGGCTZqs1mxBgZ0hu5e8B1iszJHNmulBfkLwFlRz9moLkQYG7
-qEXDmgmji3oA/gCfvc8VQltTOA2NtJDJJvMrqt6k6esc5KvnqQqF5HJTjQIDAQAB
-o4IBfjCCAXowCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBkAwNAYJYIZIAYb4
-QgENBCcWJUVhc3ktUlNBIEdlbmVyYXRlZCBTZXJ2ZXIgQ2VydGlmaWNhdGUwHQYD
-VR0OBBYEFC5EzZpTwR28TE1Yf1Jir3usyf86MIHiBgNVHSMEgdowgdeAFIyl21Mh
-vV9h4VbtepulAr0uI6qmoYGzpIGwMIGtMQswCQYDVQQGEwJCUjELMAkGA1UECBMC
-U1AxEjAQBgNVBAcTCVNhbyBQYXVsbzEqMCgGA1UEChMhRGViaWFuIEZvciBBbGl4
-IC0gRFVNTVkgQ0hBTkdFIElUMRcwFQYDVQQLEw5MaW51eCBQcm9qZWN0czEbMBkG
-A1UEAxMSRGViaWFuIEZvciBBbGl4IENBMRswGQYJKoZIhvcNAQkBFgxuby1tYWls
-QHNpdGWCCQCOaOKbBsvRZTATBgNVHSUEDDAKBggrBgEFBQcDATALBgNVHQ8EBAMC
-BaAwDQYJKoZIhvcNAQEFBQADgYEAJ4umghdyneUxtRRYoUCTFVBH1nP/VXnLvNbj
-5dcbXXfIraQf8Cqj3oFPWIe5OElCaVNRh3m6I0hRXbEZiKBsohx5w38CYmFWPh9z
-7ObRMyLtPWA6NaSMB4jMJbLYLKzbR6SmcjDjCQwPbb3nv7d3r4mOict+I2udQn6z
-Itmq4Gc=
------END CERTIFICATE-----
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/02.pem b/ANW-URB/openvpn/easy-rsa/2.0/keys/02.pem
deleted file mode 100644
index 2f04709..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/02.pem
+++ /dev/null
@@ -1,76 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 2 (0x2)
-        Signature Algorithm: sha1WithRSAEncryption
-        Issuer: C=BR, ST=SP, L=Sao Paulo, O=Debian For Alix - DUMMY CHANGE IT, OU=Linux Projects, CN=Debian For Alix CA/emailAddress=no-mail@site
-        Validity
-            Not Before: May 12 03:03:25 2012 GMT
-            Not After : May 10 03:03:25 2022 GMT
-        Subject: C=BR, ST=SP, L=Sao Paulo, O=Debian For Alix - DUMMY CHANGE IT, OU=Linux Projects, CN=alix.site/emailAddress=no-mail@site
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:cb:96:17:e9:b2:ad:89:cb:26:60:63:28:d2:77:
-                    6c:95:31:bd:79:96:b9:08:63:ec:44:07:c9:e5:b3:
-                    ba:31:8c:1e:4d:a1:ff:81:8d:fd:7e:e2:68:63:18:
-                    93:be:99:15:70:b1:5b:20:fe:0f:ab:19:21:2e:57:
-                    16:55:21:3e:f5:2c:98:3d:ac:d6:0b:3f:34:ee:8f:
-                    59:a2:f2:4a:94:ed:96:c2:41:93:e3:9d:ed:d0:fa:
-                    64:f4:d7:24:3c:03:98:bc:95:be:2c:3f:42:89:3f:
-                    b9:e5:1a:95:3c:2d:67:0a:84:60:17:7d:21:5f:a8:
-                    43:99:65:3f:b3:d8:06:1d:43
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            Netscape Cert Type: 
-                SSL Server
-            Netscape Comment: 
-                Easy-RSA Generated Server Certificate
-            X509v3 Subject Key Identifier: 
-                E0:51:7A:02:09:11:E6:2F:5F:47:D9:2E:36:9D:9D:AF:7F:16:5F:74
-            X509v3 Authority Key Identifier: 
-                keyid:8C:A5:DB:53:21:BD:5F:61:E1:56:ED:7A:9B:A5:02:BD:2E:23:AA:A6
-                DirName:/C=BR/ST=SP/L=Sao Paulo/O=Debian For Alix - DUMMY CHANGE IT/OU=Linux Projects/CN=Debian For Alix CA/emailAddress=no-mail@site
-                serial:8E:68:E2:9B:06:CB:D1:65
-
-            X509v3 Extended Key Usage: 
-                TLS Web Server Authentication
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-    Signature Algorithm: sha1WithRSAEncryption
-        6b:b8:50:42:30:27:87:e9:1e:0c:8d:c5:c0:fc:71:f4:70:41:
-        ee:45:09:ac:d2:2c:54:c7:d6:10:66:09:43:cd:8f:8e:75:9a:
-        61:b7:7b:45:10:fa:f4:15:73:6a:ca:01:0b:33:fc:a1:06:30:
-        c0:ff:10:5b:9d:5d:c1:2c:8d:a5:5f:f0:c2:ef:1c:49:e2:1f:
-        02:f3:fa:3b:cd:19:c3:a6:37:0b:0c:cb:af:b0:f8:24:8e:f9:
-        4d:36:82:89:2c:b8:84:a8:5d:5c:fb:f0:64:bd:04:f2:67:a2:
-        3c:d9:59:a0:81:f4:ad:f5:9d:ad:d5:14:48:e2:48:99:ed:41:
-        5e:31
------BEGIN CERTIFICATE-----
-MIIESTCCA7KgAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBrTELMAkGA1UEBhMCQlIx
-CzAJBgNVBAgTAlNQMRIwEAYDVQQHEwlTYW8gUGF1bG8xKjAoBgNVBAoTIURlYmlh
-biBGb3IgQWxpeCAtIERVTU1ZIENIQU5HRSBJVDEXMBUGA1UECxMOTGludXggUHJv
-amVjdHMxGzAZBgNVBAMTEkRlYmlhbiBGb3IgQWxpeCBDQTEbMBkGCSqGSIb3DQEJ
-ARYMbm8tbWFpbEBzaXRlMB4XDTEyMDUxMjAzMDMyNVoXDTIyMDUxMDAzMDMyNVow
-gaQxCzAJBgNVBAYTAkJSMQswCQYDVQQIEwJTUDESMBAGA1UEBxMJU2FvIFBhdWxv
-MSowKAYDVQQKEyFEZWJpYW4gRm9yIEFsaXggLSBEVU1NWSBDSEFOR0UgSVQxFzAV
-BgNVBAsTDkxpbnV4IFByb2plY3RzMRIwEAYDVQQDEwlhbGl4LnNpdGUxGzAZBgkq
-hkiG9w0BCQEWDG5vLW1haWxAc2l0ZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
-gYEAy5YX6bKticsmYGMo0ndslTG9eZa5CGPsRAfJ5bO6MYweTaH/gY39fuJoYxiT
-vpkVcLFbIP4PqxkhLlcWVSE+9SyYPazWCz807o9ZovJKlO2WwkGT453t0Ppk9Nck
-PAOYvJW+LD9CiT+55RqVPC1nCoRgF30hX6hDmWU/s9gGHUMCAwEAAaOCAX4wggF6
-MAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgZAMDQGCWCGSAGG+EIBDQQnFiVF
-YXN5LVJTQSBHZW5lcmF0ZWQgU2VydmVyIENlcnRpZmljYXRlMB0GA1UdDgQWBBTg
-UXoCCRHmL19H2S42nZ2vfxZfdDCB4gYDVR0jBIHaMIHXgBSMpdtTIb1fYeFW7Xqb
-pQK9LiOqpqGBs6SBsDCBrTELMAkGA1UEBhMCQlIxCzAJBgNVBAgTAlNQMRIwEAYD
-VQQHEwlTYW8gUGF1bG8xKjAoBgNVBAoTIURlYmlhbiBGb3IgQWxpeCAtIERVTU1Z
-IENIQU5HRSBJVDEXMBUGA1UECxMOTGludXggUHJvamVjdHMxGzAZBgNVBAMTEkRl
-YmlhbiBGb3IgQWxpeCBDQTEbMBkGCSqGSIb3DQEJARYMbm8tbWFpbEBzaXRlggkA
-jmjimwbL0WUwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCwYDVR0PBAQDAgWgMA0GCSqG
-SIb3DQEBBQUAA4GBAGu4UEIwJ4fpHgyNxcD8cfRwQe5FCazSLFTH1hBmCUPNj451
-mmG3e0UQ+vQVc2rKAQsz/KEGMMD/EFudXcEsjaVf8MLvHEniHwLz+jvNGcOmNwsM
-y6+w+CSO+U02goksuISoXVz78GS9BPJnojzZWaCB9K31na3VFEjiSJntQV4x
------END CERTIFICATE-----
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/03.pem b/ANW-URB/openvpn/easy-rsa/2.0/keys/03.pem
deleted file mode 100644
index aa30da2..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/03.pem
+++ /dev/null
@@ -1,74 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 3 (0x3)
-        Signature Algorithm: sha1WithRSAEncryption
-        Issuer: C=BR, ST=SP, L=Sao Paulo, O=Debian For Alix - DUMMY CHANGE IT, OU=Linux Projects, CN=Debian For Alix CA/emailAddress=no-mail@site
-        Validity
-            Not Before: May 12 03:06:31 2012 GMT
-            Not After : May 10 03:06:31 2022 GMT
-        Subject: C=BR, ST=SP, L=Sao Paulo, O=Debian For Alix - DUMMY CHANGE IT, OU=Linux Projects, CN=vpn01.site/emailAddress=no-mail@site
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:a0:47:e1:23:fa:32:a3:cc:ee:e4:03:96:4c:84:
-                    c2:1e:05:2a:a8:b1:02:0c:b4:26:c5:54:ec:a0:85:
-                    3b:a2:a2:51:b8:85:9a:af:8e:50:fc:99:0a:5a:87:
-                    bf:02:f6:89:bd:04:44:fc:39:db:97:94:62:e8:e1:
-                    2f:c5:f9:dc:ce:2a:c0:63:b7:be:6c:41:7d:87:01:
-                    dd:f2:8b:b2:99:f6:a8:af:4e:11:0d:7b:e2:6e:82:
-                    ec:10:78:21:3c:09:85:c3:ab:b1:6d:14:74:c8:0a:
-                    8f:ec:80:80:b8:f6:a1:ef:dc:ba:7a:08:2b:c2:f5:
-                    77:af:93:d5:8d:1d:98:f2:85
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            Netscape Comment: 
-                Easy-RSA Generated Certificate
-            X509v3 Subject Key Identifier: 
-                91:38:28:A9:09:46:53:9E:E7:BC:29:77:F7:3B:25:92:08:6A:49:56
-            X509v3 Authority Key Identifier: 
-                keyid:8C:A5:DB:53:21:BD:5F:61:E1:56:ED:7A:9B:A5:02:BD:2E:23:AA:A6
-                DirName:/C=BR/ST=SP/L=Sao Paulo/O=Debian For Alix - DUMMY CHANGE IT/OU=Linux Projects/CN=Debian For Alix CA/emailAddress=no-mail@site
-                serial:8E:68:E2:9B:06:CB:D1:65
-
-            X509v3 Extended Key Usage: 
-                TLS Web Client Authentication
-            X509v3 Key Usage: 
-                Digital Signature
-    Signature Algorithm: sha1WithRSAEncryption
-        72:65:d4:0d:49:25:77:e2:c1:6d:10:eb:21:6a:d8:33:e7:01:
-        b6:e5:25:dd:46:73:3f:65:91:16:46:dd:db:88:ed:97:2b:02:
-        6f:0e:f3:be:23:e0:38:80:93:5b:6c:85:e8:32:cc:2a:fc:d3:
-        23:c6:c1:66:52:d9:cf:d1:ab:7d:85:19:7a:a9:02:3a:f8:af:
-        74:97:bf:8d:73:92:b8:d4:18:48:b8:2a:a6:c1:5e:e2:6e:cc:
-        ea:91:ba:91:7c:39:21:4e:46:76:c8:4e:3f:98:a7:fc:f2:31:
-        e4:27:fa:c2:34:d5:7c:8a:94:63:c1:bb:b4:eb:7c:ce:21:00:
-        d5:72
------BEGIN CERTIFICATE-----
-MIIEMDCCA5mgAwIBAgIBAzANBgkqhkiG9w0BAQUFADCBrTELMAkGA1UEBhMCQlIx
-CzAJBgNVBAgTAlNQMRIwEAYDVQQHEwlTYW8gUGF1bG8xKjAoBgNVBAoTIURlYmlh
-biBGb3IgQWxpeCAtIERVTU1ZIENIQU5HRSBJVDEXMBUGA1UECxMOTGludXggUHJv
-amVjdHMxGzAZBgNVBAMTEkRlYmlhbiBGb3IgQWxpeCBDQTEbMBkGCSqGSIb3DQEJ
-ARYMbm8tbWFpbEBzaXRlMB4XDTEyMDUxMjAzMDYzMVoXDTIyMDUxMDAzMDYzMVow
-gaUxCzAJBgNVBAYTAkJSMQswCQYDVQQIEwJTUDESMBAGA1UEBxMJU2FvIFBhdWxv
-MSowKAYDVQQKEyFEZWJpYW4gRm9yIEFsaXggLSBEVU1NWSBDSEFOR0UgSVQxFzAV
-BgNVBAsTDkxpbnV4IFByb2plY3RzMRMwEQYDVQQDEwp2cG4wMS5zaXRlMRswGQYJ
-KoZIhvcNAQkBFgxuby1tYWlsQHNpdGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ
-AoGBAKBH4SP6MqPM7uQDlkyEwh4FKqixAgy0JsVU7KCFO6KiUbiFmq+OUPyZClqH
-vwL2ib0ERPw525eUYujhL8X53M4qwGO3vmxBfYcB3fKLspn2qK9OEQ174m6C7BB4
-ITwJhcOrsW0UdMgKj+yAgLj2oe/cunoIK8L1d6+T1Y0dmPKFAgMBAAGjggFkMIIB
-YDAJBgNVHRMEAjAAMC0GCWCGSAGG+EIBDQQgFh5FYXN5LVJTQSBHZW5lcmF0ZWQg
-Q2VydGlmaWNhdGUwHQYDVR0OBBYEFJE4KKkJRlOe57wpd/c7JZIIaklWMIHiBgNV
-HSMEgdowgdeAFIyl21MhvV9h4VbtepulAr0uI6qmoYGzpIGwMIGtMQswCQYDVQQG
-EwJCUjELMAkGA1UECBMCU1AxEjAQBgNVBAcTCVNhbyBQYXVsbzEqMCgGA1UEChMh
-RGViaWFuIEZvciBBbGl4IC0gRFVNTVkgQ0hBTkdFIElUMRcwFQYDVQQLEw5MaW51
-eCBQcm9qZWN0czEbMBkGA1UEAxMSRGViaWFuIEZvciBBbGl4IENBMRswGQYJKoZI
-hvcNAQkBFgxuby1tYWlsQHNpdGWCCQCOaOKbBsvRZTATBgNVHSUEDDAKBggrBgEF
-BQcDAjALBgNVHQ8EBAMCB4AwDQYJKoZIhvcNAQEFBQADgYEAcmXUDUkld+LBbRDr
-IWrYM+cBtuUl3UZzP2WRFkbd24jtlysCbw7zviPgOICTW2yF6DLMKvzTI8bBZlLZ
-z9GrfYUZeqkCOvivdJe/jXOSuNQYSLgqpsFe4m7M6pG6kXw5IU5GdshOP5in/PIx
-5Cf6wjTVfIqUY8G7tOt8ziEA1XI=
------END CERTIFICATE-----
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/alix.site.crt b/ANW-URB/openvpn/easy-rsa/2.0/keys/alix.site.crt
deleted file mode 100644
index 2f04709..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/alix.site.crt
+++ /dev/null
@@ -1,76 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 2 (0x2)
-        Signature Algorithm: sha1WithRSAEncryption
-        Issuer: C=BR, ST=SP, L=Sao Paulo, O=Debian For Alix - DUMMY CHANGE IT, OU=Linux Projects, CN=Debian For Alix CA/emailAddress=no-mail@site
-        Validity
-            Not Before: May 12 03:03:25 2012 GMT
-            Not After : May 10 03:03:25 2022 GMT
-        Subject: C=BR, ST=SP, L=Sao Paulo, O=Debian For Alix - DUMMY CHANGE IT, OU=Linux Projects, CN=alix.site/emailAddress=no-mail@site
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:cb:96:17:e9:b2:ad:89:cb:26:60:63:28:d2:77:
-                    6c:95:31:bd:79:96:b9:08:63:ec:44:07:c9:e5:b3:
-                    ba:31:8c:1e:4d:a1:ff:81:8d:fd:7e:e2:68:63:18:
-                    93:be:99:15:70:b1:5b:20:fe:0f:ab:19:21:2e:57:
-                    16:55:21:3e:f5:2c:98:3d:ac:d6:0b:3f:34:ee:8f:
-                    59:a2:f2:4a:94:ed:96:c2:41:93:e3:9d:ed:d0:fa:
-                    64:f4:d7:24:3c:03:98:bc:95:be:2c:3f:42:89:3f:
-                    b9:e5:1a:95:3c:2d:67:0a:84:60:17:7d:21:5f:a8:
-                    43:99:65:3f:b3:d8:06:1d:43
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            Netscape Cert Type: 
-                SSL Server
-            Netscape Comment: 
-                Easy-RSA Generated Server Certificate
-            X509v3 Subject Key Identifier: 
-                E0:51:7A:02:09:11:E6:2F:5F:47:D9:2E:36:9D:9D:AF:7F:16:5F:74
-            X509v3 Authority Key Identifier: 
-                keyid:8C:A5:DB:53:21:BD:5F:61:E1:56:ED:7A:9B:A5:02:BD:2E:23:AA:A6
-                DirName:/C=BR/ST=SP/L=Sao Paulo/O=Debian For Alix - DUMMY CHANGE IT/OU=Linux Projects/CN=Debian For Alix CA/emailAddress=no-mail@site
-                serial:8E:68:E2:9B:06:CB:D1:65
-
-            X509v3 Extended Key Usage: 
-                TLS Web Server Authentication
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-    Signature Algorithm: sha1WithRSAEncryption
-        6b:b8:50:42:30:27:87:e9:1e:0c:8d:c5:c0:fc:71:f4:70:41:
-        ee:45:09:ac:d2:2c:54:c7:d6:10:66:09:43:cd:8f:8e:75:9a:
-        61:b7:7b:45:10:fa:f4:15:73:6a:ca:01:0b:33:fc:a1:06:30:
-        c0:ff:10:5b:9d:5d:c1:2c:8d:a5:5f:f0:c2:ef:1c:49:e2:1f:
-        02:f3:fa:3b:cd:19:c3:a6:37:0b:0c:cb:af:b0:f8:24:8e:f9:
-        4d:36:82:89:2c:b8:84:a8:5d:5c:fb:f0:64:bd:04:f2:67:a2:
-        3c:d9:59:a0:81:f4:ad:f5:9d:ad:d5:14:48:e2:48:99:ed:41:
-        5e:31
------BEGIN CERTIFICATE-----
-MIIESTCCA7KgAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBrTELMAkGA1UEBhMCQlIx
-CzAJBgNVBAgTAlNQMRIwEAYDVQQHEwlTYW8gUGF1bG8xKjAoBgNVBAoTIURlYmlh
-biBGb3IgQWxpeCAtIERVTU1ZIENIQU5HRSBJVDEXMBUGA1UECxMOTGludXggUHJv
-amVjdHMxGzAZBgNVBAMTEkRlYmlhbiBGb3IgQWxpeCBDQTEbMBkGCSqGSIb3DQEJ
-ARYMbm8tbWFpbEBzaXRlMB4XDTEyMDUxMjAzMDMyNVoXDTIyMDUxMDAzMDMyNVow
-gaQxCzAJBgNVBAYTAkJSMQswCQYDVQQIEwJTUDESMBAGA1UEBxMJU2FvIFBhdWxv
-MSowKAYDVQQKEyFEZWJpYW4gRm9yIEFsaXggLSBEVU1NWSBDSEFOR0UgSVQxFzAV
-BgNVBAsTDkxpbnV4IFByb2plY3RzMRIwEAYDVQQDEwlhbGl4LnNpdGUxGzAZBgkq
-hkiG9w0BCQEWDG5vLW1haWxAc2l0ZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
-gYEAy5YX6bKticsmYGMo0ndslTG9eZa5CGPsRAfJ5bO6MYweTaH/gY39fuJoYxiT
-vpkVcLFbIP4PqxkhLlcWVSE+9SyYPazWCz807o9ZovJKlO2WwkGT453t0Ppk9Nck
-PAOYvJW+LD9CiT+55RqVPC1nCoRgF30hX6hDmWU/s9gGHUMCAwEAAaOCAX4wggF6
-MAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgZAMDQGCWCGSAGG+EIBDQQnFiVF
-YXN5LVJTQSBHZW5lcmF0ZWQgU2VydmVyIENlcnRpZmljYXRlMB0GA1UdDgQWBBTg
-UXoCCRHmL19H2S42nZ2vfxZfdDCB4gYDVR0jBIHaMIHXgBSMpdtTIb1fYeFW7Xqb
-pQK9LiOqpqGBs6SBsDCBrTELMAkGA1UEBhMCQlIxCzAJBgNVBAgTAlNQMRIwEAYD
-VQQHEwlTYW8gUGF1bG8xKjAoBgNVBAoTIURlYmlhbiBGb3IgQWxpeCAtIERVTU1Z
-IENIQU5HRSBJVDEXMBUGA1UECxMOTGludXggUHJvamVjdHMxGzAZBgNVBAMTEkRl
-YmlhbiBGb3IgQWxpeCBDQTEbMBkGCSqGSIb3DQEJARYMbm8tbWFpbEBzaXRlggkA
-jmjimwbL0WUwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCwYDVR0PBAQDAgWgMA0GCSqG
-SIb3DQEBBQUAA4GBAGu4UEIwJ4fpHgyNxcD8cfRwQe5FCazSLFTH1hBmCUPNj451
-mmG3e0UQ+vQVc2rKAQsz/KEGMMD/EFudXcEsjaVf8MLvHEniHwLz+jvNGcOmNwsM
-y6+w+CSO+U02goksuISoXVz78GS9BPJnojzZWaCB9K31na3VFEjiSJntQV4x
------END CERTIFICATE-----
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/alix.site.csr b/ANW-URB/openvpn/easy-rsa/2.0/keys/alix.site.csr
deleted file mode 100644
index 92c205a..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/alix.site.csr
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIB5TCCAU4CAQAwgaQxCzAJBgNVBAYTAkJSMQswCQYDVQQIEwJTUDESMBAGA1UE
-BxMJU2FvIFBhdWxvMSowKAYDVQQKEyFEZWJpYW4gRm9yIEFsaXggLSBEVU1NWSBD
-SEFOR0UgSVQxFzAVBgNVBAsTDkxpbnV4IFByb2plY3RzMRIwEAYDVQQDEwlhbGl4
-LnNpdGUxGzAZBgkqhkiG9w0BCQEWDG5vLW1haWxAc2l0ZTCBnzANBgkqhkiG9w0B
-AQEFAAOBjQAwgYkCgYEAy5YX6bKticsmYGMo0ndslTG9eZa5CGPsRAfJ5bO6MYwe
-TaH/gY39fuJoYxiTvpkVcLFbIP4PqxkhLlcWVSE+9SyYPazWCz807o9ZovJKlO2W
-wkGT453t0Ppk9NckPAOYvJW+LD9CiT+55RqVPC1nCoRgF30hX6hDmWU/s9gGHUMC
-AwEAAaAAMA0GCSqGSIb3DQEBBQUAA4GBACEP5T3w6bdqyF0aHZD3Tye0b02bL1S/
-x6phHacFHYA0SwDPU/Wd6jXmqWvgG0Iz6mtoKTcfYdPaWvqagykRB0PHIkKlf1he
-Y+hHJfnOzvUroUglF6a3tc6LDLU9GwBZ8u/H1Ox9U+vhstTkVB72735Q8L0FWAVa
-iE3D7xZX5Rjf
------END CERTIFICATE REQUEST-----
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/alix.site.key b/ANW-URB/openvpn/easy-rsa/2.0/keys/alix.site.key
deleted file mode 100644
index d65ec70..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/alix.site.key
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQDLlhfpsq2JyyZgYyjSd2yVMb15lrkIY+xEB8nls7oxjB5Nof+B
-jf1+4mhjGJO+mRVwsVsg/g+rGSEuVxZVIT71LJg9rNYLPzTuj1mi8kqU7ZbCQZPj
-ne3Q+mT01yQ8A5i8lb4sP0KJP7nlGpU8LWcKhGAXfSFfqEOZZT+z2AYdQwIDAQAB
-AoGAFZ4fdepKMRqIPa3p1MdnmUQJ2ZJenXx2xxaIosJ93+sAAMBV8DzSkRmbegJP
-FesNcsTyZ0NzCHkHo/MNZQa9t3xSb3I5ZTg6CMe/QiXu09U56dIACNT9GhrfPpIZ
-ovllZtTPQwR4rcQnwTXxWTn6NCjiDFs/VvwaGAkU0rO3VlkCQQD5pGsMwKj9HPI7
-SM4tN6saNvLyPzE1rooF03zIpD4SwtwAsuHWT8LNiI4Th4f61q0uhn2G3bpjiriX
-f4wB4TxNAkEA0MVn/h3dghfy2GxvMbTbn7wbPcCGhQRXU5NwbdgOmqFDfpBa7+TS
-/xqqb0APFgBgKi0iuYpN/mH7gSpeCmFHzwJAXufd9qwr0oY1pMop79DREJdBR000
-1Ra0zEA5mUGvg4xm/TEEYGhUQ7UdZllJHdiNYDmq8SHMYVl0kcvgmzpYpQJAQqxo
-080x6tQ/KEMpF9TMtyzZ/lS4IU8LnJNfupTfxR5vccIkaKzJfdNETxdEOiCQlaeo
-iVzUH8OnEM85DVOYHQJBAOBvhg5bY9IjhZWEcdq/uY1XDTbaxNydeDLUO7imoQVd
-/rbaY+krV26ewmE6LUS2n6tIrGQG4FRlQtEp7I36htQ=
------END RSA PRIVATE KEY-----
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/ca.crt b/ANW-URB/openvpn/easy-rsa/2.0/keys/ca.crt
deleted file mode 100644
index edc0274..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/ca.crt
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID8jCCA1ugAwIBAgIJAI5o4psGy9FlMA0GCSqGSIb3DQEBBQUAMIGtMQswCQYD
-VQQGEwJCUjELMAkGA1UECBMCU1AxEjAQBgNVBAcTCVNhbyBQYXVsbzEqMCgGA1UE
-ChMhRGViaWFuIEZvciBBbGl4IC0gRFVNTVkgQ0hBTkdFIElUMRcwFQYDVQQLEw5M
-aW51eCBQcm9qZWN0czEbMBkGA1UEAxMSRGViaWFuIEZvciBBbGl4IENBMRswGQYJ
-KoZIhvcNAQkBFgxuby1tYWlsQHNpdGUwHhcNMTIwNTEyMDMwMTUzWhcNMjIwNTEw
-MDMwMTUzWjCBrTELMAkGA1UEBhMCQlIxCzAJBgNVBAgTAlNQMRIwEAYDVQQHEwlT
-YW8gUGF1bG8xKjAoBgNVBAoTIURlYmlhbiBGb3IgQWxpeCAtIERVTU1ZIENIQU5H
-RSBJVDEXMBUGA1UECxMOTGludXggUHJvamVjdHMxGzAZBgNVBAMTEkRlYmlhbiBG
-b3IgQWxpeCBDQTEbMBkGCSqGSIb3DQEJARYMbm8tbWFpbEBzaXRlMIGfMA0GCSqG
-SIb3DQEBAQUAA4GNADCBiQKBgQCvPgsgF+v7xSfdH/EJVoRdvGHfj+xwHarRNHfy
-rCmhOwZYqNTFrGV+PgZqLu1KVFUxEiV4/qjDosmQnKMfSOo07QY07JpQkyPmezyA
-4kjZcSlQZ7YrdNI/jtSWZwehm1pkGftWQUx1SOFUhYVOm6DM76SoaSJRXkbqlfAt
-YRmN0wIDAQABo4IBFjCCARIwHQYDVR0OBBYEFIyl21MhvV9h4VbtepulAr0uI6qm
-MIHiBgNVHSMEgdowgdeAFIyl21MhvV9h4VbtepulAr0uI6qmoYGzpIGwMIGtMQsw
-CQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEjAQBgNVBAcTCVNhbyBQYXVsbzEqMCgG
-A1UEChMhRGViaWFuIEZvciBBbGl4IC0gRFVNTVkgQ0hBTkdFIElUMRcwFQYDVQQL
-Ew5MaW51eCBQcm9qZWN0czEbMBkGA1UEAxMSRGViaWFuIEZvciBBbGl4IENBMRsw
-GQYJKoZIhvcNAQkBFgxuby1tYWlsQHNpdGWCCQCOaOKbBsvRZTAMBgNVHRMEBTAD
-AQH/MA0GCSqGSIb3DQEBBQUAA4GBABVmoMWdupXUB2J5p3LI18icmItRPyPH5uBc
-8C2/7AuvOvsRjjjAOtiThBLshCa2YQ2kxlT/uQKVAHrJojzDjozF/NB4rjr74aqj
-GGrWIL8ATWUjNKQFJv32h16t+eUrmWJJUlS4L0oq+v/C96l2QMG8M5Z3nxuctWwO
-ObQ1wsVu
------END CERTIFICATE-----
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/ca.key b/ANW-URB/openvpn/easy-rsa/2.0/keys/ca.key
deleted file mode 100644
index d567950..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/ca.key
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQCvPgsgF+v7xSfdH/EJVoRdvGHfj+xwHarRNHfyrCmhOwZYqNTF
-rGV+PgZqLu1KVFUxEiV4/qjDosmQnKMfSOo07QY07JpQkyPmezyA4kjZcSlQZ7Yr
-dNI/jtSWZwehm1pkGftWQUx1SOFUhYVOm6DM76SoaSJRXkbqlfAtYRmN0wIDAQAB
-AoGBAIUrpfK2mxtSAPA2VMqe16oP/WSSD8BHm0auE7TzhhNDMphvfHnXf61G30MT
-9Dk3CyJmQtnG1GMPMxPVJNUiaO+aUVfOV1o38S9y9eSd34IX86MvzCsdwAkK120M
-/Mndf6G2TSLLTh351SBAKx1F3bAB5gohIIKMRUiWNd7edJxBAkEA5sfMVSt3isyK
-X3pToki/H+d0Ht3HZAQzjpCzy4lFymfMiywMlU/ujsTR0KpXXEtJAvC1S22hBGmX
-s/YPMGmLswJBAMJkic85d/Eld2xIsGZMvn/2hjQiJMd+akdvSO6p6Fq4IX8zFdXS
-yob1zyaaI8r9YZcBIBJjipeEgY29yVAKZWECQGhNnPhRcPH2iAOnEe2i217cCQt6
-SQfXLkYc+GXhYP2d9EBiZD2HptY39mxM0LcR/6moiQfSQJfx8XKQn0TOLykCQQCF
-3xEc2bnlI2U7+E8rFFz46QCBNKZZkJCGg3gZjH9MwpOm8rpt183L5cp0DiDqMVcc
-1BSPNWgDcqh5waK68X3hAkEAnnYmuNkKLTs25Zc2gRR/7OXgGc3sRdBnHiTT/dPr
-nGQ7npSSA01XZKJFSRFSgEFoBBiP3k5GcuS9Srr9gfHSJQ==
------END RSA PRIVATE KEY-----
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/crl-test.site.crt b/ANW-URB/openvpn/easy-rsa/2.0/keys/crl-test.site.crt
deleted file mode 100644
index 1a046ed..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/crl-test.site.crt
+++ /dev/null
@@ -1,76 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 1 (0x1)
-        Signature Algorithm: sha1WithRSAEncryption
-        Issuer: C=BR, ST=SP, L=Sao Paulo, O=Debian For Alix - DUMMY CHANGE IT, OU=Linux Projects, CN=Debian For Alix CA/emailAddress=no-mail@site
-        Validity
-            Not Before: May 12 03:02:28 2012 GMT
-            Not After : May 10 03:02:28 2022 GMT
-        Subject: C=BR, ST=SP, L=Sao Paulo, O=Debian For Alix, CN=crl-test.site/emailAddress=no-mail@site
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:c5:ea:a1:09:d0:00:af:07:54:12:6c:96:83:dc:
-                    2a:6e:10:db:57:0c:a9:70:8e:cd:3a:d4:c7:cf:bc:
-                    f8:8e:88:85:9c:59:26:fe:94:93:78:a6:7e:48:41:
-                    ce:78:12:55:1c:18:60:93:66:ab:35:9b:10:60:67:
-                    48:6e:e5:ef:01:d6:2b:33:24:73:66:ba:50:5f:90:
-                    bc:05:95:1c:fd:9a:82:e4:41:81:bb:a8:45:c3:9a:
-                    09:a3:8b:7a:00:fe:00:9f:bd:cf:15:42:5b:53:38:
-                    0d:8d:b4:90:c9:26:f3:2b:aa:de:a4:e9:eb:1c:e4:
-                    ab:e7:a9:0a:85:e4:72:53:8d
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            Netscape Cert Type: 
-                SSL Server
-            Netscape Comment: 
-                Easy-RSA Generated Server Certificate
-            X509v3 Subject Key Identifier: 
-                2E:44:CD:9A:53:C1:1D:BC:4C:4D:58:7F:52:62:AF:7B:AC:C9:FF:3A
-            X509v3 Authority Key Identifier: 
-                keyid:8C:A5:DB:53:21:BD:5F:61:E1:56:ED:7A:9B:A5:02:BD:2E:23:AA:A6
-                DirName:/C=BR/ST=SP/L=Sao Paulo/O=Debian For Alix - DUMMY CHANGE IT/OU=Linux Projects/CN=Debian For Alix CA/emailAddress=no-mail@site
-                serial:8E:68:E2:9B:06:CB:D1:65
-
-            X509v3 Extended Key Usage: 
-                TLS Web Server Authentication
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-    Signature Algorithm: sha1WithRSAEncryption
-        27:8b:a6:82:17:72:9d:e5:31:b5:14:58:a1:40:93:15:50:47:
-        d6:73:ff:55:79:cb:bc:d6:e3:e5:d7:1b:5d:77:c8:ad:a4:1f:
-        f0:2a:a3:de:81:4f:58:87:b9:38:49:42:69:53:51:87:79:ba:
-        23:48:51:5d:b1:19:88:a0:6c:a2:1c:79:c3:7f:02:62:61:56:
-        3e:1f:73:ec:e6:d1:33:22:ed:3d:60:3a:35:a4:8c:07:88:cc:
-        25:b2:d8:2c:ac:db:47:a4:a6:72:30:e3:09:0c:0f:6d:bd:e7:
-        bf:b7:77:af:89:8e:89:cb:7e:23:6b:9d:42:7e:b3:22:d9:aa:
-        e0:67
------BEGIN CERTIFICATE-----
-MIIEITCCA4qgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBrTELMAkGA1UEBhMCQlIx
-CzAJBgNVBAgTAlNQMRIwEAYDVQQHEwlTYW8gUGF1bG8xKjAoBgNVBAoTIURlYmlh
-biBGb3IgQWxpeCAtIERVTU1ZIENIQU5HRSBJVDEXMBUGA1UECxMOTGludXggUHJv
-amVjdHMxGzAZBgNVBAMTEkRlYmlhbiBGb3IgQWxpeCBDQTEbMBkGCSqGSIb3DQEJ
-ARYMbm8tbWFpbEBzaXRlMB4XDTEyMDUxMjAzMDIyOFoXDTIyMDUxMDAzMDIyOFow
-fTELMAkGA1UEBhMCQlIxCzAJBgNVBAgTAlNQMRIwEAYDVQQHEwlTYW8gUGF1bG8x
-GDAWBgNVBAoTD0RlYmlhbiBGb3IgQWxpeDEWMBQGA1UEAxMNY3JsLXRlc3Quc2l0
-ZTEbMBkGCSqGSIb3DQEJARYMbm8tbWFpbEBzaXRlMIGfMA0GCSqGSIb3DQEBAQUA
-A4GNADCBiQKBgQDF6qEJ0ACvB1QSbJaD3CpuENtXDKlwjs061MfPvPiOiIWcWSb+
-lJN4pn5IQc54ElUcGGCTZqs1mxBgZ0hu5e8B1iszJHNmulBfkLwFlRz9moLkQYG7
-qEXDmgmji3oA/gCfvc8VQltTOA2NtJDJJvMrqt6k6esc5KvnqQqF5HJTjQIDAQAB
-o4IBfjCCAXowCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBkAwNAYJYIZIAYb4
-QgENBCcWJUVhc3ktUlNBIEdlbmVyYXRlZCBTZXJ2ZXIgQ2VydGlmaWNhdGUwHQYD
-VR0OBBYEFC5EzZpTwR28TE1Yf1Jir3usyf86MIHiBgNVHSMEgdowgdeAFIyl21Mh
-vV9h4VbtepulAr0uI6qmoYGzpIGwMIGtMQswCQYDVQQGEwJCUjELMAkGA1UECBMC
-U1AxEjAQBgNVBAcTCVNhbyBQYXVsbzEqMCgGA1UEChMhRGViaWFuIEZvciBBbGl4
-IC0gRFVNTVkgQ0hBTkdFIElUMRcwFQYDVQQLEw5MaW51eCBQcm9qZWN0czEbMBkG
-A1UEAxMSRGViaWFuIEZvciBBbGl4IENBMRswGQYJKoZIhvcNAQkBFgxuby1tYWls
-QHNpdGWCCQCOaOKbBsvRZTATBgNVHSUEDDAKBggrBgEFBQcDATALBgNVHQ8EBAMC
-BaAwDQYJKoZIhvcNAQEFBQADgYEAJ4umghdyneUxtRRYoUCTFVBH1nP/VXnLvNbj
-5dcbXXfIraQf8Cqj3oFPWIe5OElCaVNRh3m6I0hRXbEZiKBsohx5w38CYmFWPh9z
-7ObRMyLtPWA6NaSMB4jMJbLYLKzbR6SmcjDjCQwPbb3nv7d3r4mOict+I2udQn6z
-Itmq4Gc=
------END CERTIFICATE-----
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/crl-test.site.csr b/ANW-URB/openvpn/easy-rsa/2.0/keys/crl-test.site.csr
deleted file mode 100644
index d01550b..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/crl-test.site.csr
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBvTCCASYCAQAwfTELMAkGA1UEBhMCQlIxCzAJBgNVBAgTAlNQMRIwEAYDVQQH
-EwlTYW8gUGF1bG8xGDAWBgNVBAoTD0RlYmlhbiBGb3IgQWxpeDEWMBQGA1UEAxMN
-Y3JsLXRlc3Quc2l0ZTEbMBkGCSqGSIb3DQEJARYMbm8tbWFpbEBzaXRlMIGfMA0G
-CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDF6qEJ0ACvB1QSbJaD3CpuENtXDKlwjs06
-1MfPvPiOiIWcWSb+lJN4pn5IQc54ElUcGGCTZqs1mxBgZ0hu5e8B1iszJHNmulBf
-kLwFlRz9moLkQYG7qEXDmgmji3oA/gCfvc8VQltTOA2NtJDJJvMrqt6k6esc5Kvn
-qQqF5HJTjQIDAQABoAAwDQYJKoZIhvcNAQEFBQADgYEAsuPOQdbzTcvMTrZPpn9r
-Aqpi+vcLt1g1B5NF4qlw1MhJ2bavIimsQYhT/PM+i8722QJL+K7VJr0Y9VgRI2Rg
-qPUquHVsXkZQN3d0+q/YRK6W0WFJEJaF85gDzIlyNBNKuBJq9ADafRugDrz2xcM7
-cy0OZCunFhH3MdCqXdRqLrw=
------END CERTIFICATE REQUEST-----
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/crl-test.site.key b/ANW-URB/openvpn/easy-rsa/2.0/keys/crl-test.site.key
deleted file mode 100644
index 4815f5e..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/crl-test.site.key
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQDF6qEJ0ACvB1QSbJaD3CpuENtXDKlwjs061MfPvPiOiIWcWSb+
-lJN4pn5IQc54ElUcGGCTZqs1mxBgZ0hu5e8B1iszJHNmulBfkLwFlRz9moLkQYG7
-qEXDmgmji3oA/gCfvc8VQltTOA2NtJDJJvMrqt6k6esc5KvnqQqF5HJTjQIDAQAB
-AoGAZo88XiJciFbK2TVOFgx8LEct8oEMONi3PxpOZLcvMmVKn4ePbnM9rFLSs8zu
-GkidtA5p1VhptkChjuNWpKkgXbDBTRYbrUOnXrUgToW10C4E5ftztbcRQ847OE1G
-eMjznSd9SiLElV3REyY6BzTYciRo987MoBrtqi02EPDYbv0CQQDraopLMDQml1Kl
-1cluGuTJ8ZNxDKWkDfr5BvEMpn5v1W82k1dWLkJDMYIuKu76OfevxAibLpNL3Q06
-wLb8c4nTAkEA1zi2PaBAiPgDXPUl3LnDNrr4kjXc8KJZpmCf/kgKVc+pYppDsUiG
-wC4mWcVuerrankeLFbkOPW0GBjsrDVfxHwJAJDkMdm1AWP/Hs8Slbc+tjHUjXq23
-fvq3t0GeLXgg1ExfBGK/eX88quIfScNJai8pMV5UhKwx9eZZdsTYYxfUCQJAMvog
-2Fnzzz2HdmYukKiDX5xLsj4F1g1uVKVAYDdqE0c7pLpLXFuEZ1LHDK5h67oEfEcP
-35ZUlCIVsjYjjWaOGwJBAJC0swnzK5wdMDzzF+oqOnGs2EzptfuUQ9JlabffbL4Y
-9mbuCu12IDMLDmY73Dnk1BWzi8TyfTD2fEDU8seNl28=
------END RSA PRIVATE KEY-----
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/crl.pem b/ANW-URB/openvpn/easy-rsa/2.0/keys/crl.pem
deleted file mode 100644
index 070f2b6..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/crl.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN X509 CRL-----
-MIIBiTCB8zANBgkqhkiG9w0BAQQFADCBrTELMAkGA1UEBhMCQlIxCzAJBgNVBAgT
-AlNQMRIwEAYDVQQHEwlTYW8gUGF1bG8xKjAoBgNVBAoTIURlYmlhbiBGb3IgQWxp
-eCAtIERVTU1ZIENIQU5HRSBJVDEXMBUGA1UECxMOTGludXggUHJvamVjdHMxGzAZ
-BgNVBAMTEkRlYmlhbiBGb3IgQWxpeCBDQTEbMBkGCSqGSIb3DQEJARYMbm8tbWFp
-bEBzaXRlFw0xMjA1MTIwMzAyMzhaFw0xMjA2MTEwMzAyMzhaMBQwEgIBARcNMTIw
-NTEyMDMwMjM4WjANBgkqhkiG9w0BAQQFAAOBgQAJRVAq3T2gjUsKSjg5dLuy3pGl
-jVguEybZuOJn80LX1a9Jha367CZVuuww6GX2EUBiFKxXS4BHsV56q2XJaUlWaCXb
-4pjHWNm5i/JW7VwtG1fConY2BRaJrVCXu8wazx6vzbxYNuyMwtaoUvvPaGlQxen5
-TMe+Qpp6nw8ppaHAPg==
------END X509 CRL-----
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/dh1024.pem b/ANW-URB/openvpn/easy-rsa/2.0/keys/dh1024.pem
deleted file mode 100644
index 94479fc..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/dh1024.pem
+++ /dev/null
@@ -1,5 +0,0 @@
------BEGIN DH PARAMETERS-----
-MIGHAoGBAKPTQ3STxQjGe+kIuQrOhyIXruP3ttLox+Zlieb9wRoblR8PNGyyUv7t
-4X/7Bk+vzrwkqUYwUX91Hm5GMBDqhuchk0iY9r+y7XucD69yct3ivF6oKqqNjQyN
-I2mpbMWKZTbSrfKKcd5NTOVDQUxpIIVRJhp2nfNW24jvHI4hIgjjAgEC
------END DH PARAMETERS-----
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/index.txt b/ANW-URB/openvpn/easy-rsa/2.0/keys/index.txt
deleted file mode 100644
index 222af0b..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/index.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-R	220510030228Z	120512030238Z	01	unknown	/C=BR/ST=SP/L=Sao Paulo/O=Debian For Alix/CN=crl-test.site/emailAddress=no-mail@site
-V	220510030325Z		02	unknown	/C=BR/ST=SP/L=Sao Paulo/O=Debian For Alix - DUMMY CHANGE IT/OU=Linux Projects/CN=alix.site/emailAddress=no-mail@site
-V	220510030631Z		03	unknown	/C=BR/ST=SP/L=Sao Paulo/O=Debian For Alix - DUMMY CHANGE IT/OU=Linux Projects/CN=vpn01.site/emailAddress=no-mail@site
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/index.txt.attr b/ANW-URB/openvpn/easy-rsa/2.0/keys/index.txt.attr
deleted file mode 100644
index 8f7e63a..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/index.txt.attr
+++ /dev/null
@@ -1 +0,0 @@
-unique_subject = yes
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/index.txt.attr.old b/ANW-URB/openvpn/easy-rsa/2.0/keys/index.txt.attr.old
deleted file mode 100644
index 8f7e63a..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/index.txt.attr.old
+++ /dev/null
@@ -1 +0,0 @@
-unique_subject = yes
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/index.txt.old b/ANW-URB/openvpn/easy-rsa/2.0/keys/index.txt.old
deleted file mode 100644
index bb80906..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/index.txt.old
+++ /dev/null
@@ -1,2 +0,0 @@
-R	220510030228Z	120512030238Z	01	unknown	/C=BR/ST=SP/L=Sao Paulo/O=Debian For Alix/CN=crl-test.site/emailAddress=no-mail@site
-V	220510030325Z		02	unknown	/C=BR/ST=SP/L=Sao Paulo/O=Debian For Alix - DUMMY CHANGE IT/OU=Linux Projects/CN=alix.site/emailAddress=no-mail@site
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/revoke-test.pem b/ANW-URB/openvpn/easy-rsa/2.0/keys/revoke-test.pem
deleted file mode 100644
index 6b06f7a..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/revoke-test.pem
+++ /dev/null
@@ -1,35 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID8jCCA1ugAwIBAgIJAI5o4psGy9FlMA0GCSqGSIb3DQEBBQUAMIGtMQswCQYD
-VQQGEwJCUjELMAkGA1UECBMCU1AxEjAQBgNVBAcTCVNhbyBQYXVsbzEqMCgGA1UE
-ChMhRGViaWFuIEZvciBBbGl4IC0gRFVNTVkgQ0hBTkdFIElUMRcwFQYDVQQLEw5M
-aW51eCBQcm9qZWN0czEbMBkGA1UEAxMSRGViaWFuIEZvciBBbGl4IENBMRswGQYJ
-KoZIhvcNAQkBFgxuby1tYWlsQHNpdGUwHhcNMTIwNTEyMDMwMTUzWhcNMjIwNTEw
-MDMwMTUzWjCBrTELMAkGA1UEBhMCQlIxCzAJBgNVBAgTAlNQMRIwEAYDVQQHEwlT
-YW8gUGF1bG8xKjAoBgNVBAoTIURlYmlhbiBGb3IgQWxpeCAtIERVTU1ZIENIQU5H
-RSBJVDEXMBUGA1UECxMOTGludXggUHJvamVjdHMxGzAZBgNVBAMTEkRlYmlhbiBG
-b3IgQWxpeCBDQTEbMBkGCSqGSIb3DQEJARYMbm8tbWFpbEBzaXRlMIGfMA0GCSqG
-SIb3DQEBAQUAA4GNADCBiQKBgQCvPgsgF+v7xSfdH/EJVoRdvGHfj+xwHarRNHfy
-rCmhOwZYqNTFrGV+PgZqLu1KVFUxEiV4/qjDosmQnKMfSOo07QY07JpQkyPmezyA
-4kjZcSlQZ7YrdNI/jtSWZwehm1pkGftWQUx1SOFUhYVOm6DM76SoaSJRXkbqlfAt
-YRmN0wIDAQABo4IBFjCCARIwHQYDVR0OBBYEFIyl21MhvV9h4VbtepulAr0uI6qm
-MIHiBgNVHSMEgdowgdeAFIyl21MhvV9h4VbtepulAr0uI6qmoYGzpIGwMIGtMQsw
-CQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEjAQBgNVBAcTCVNhbyBQYXVsbzEqMCgG
-A1UEChMhRGViaWFuIEZvciBBbGl4IC0gRFVNTVkgQ0hBTkdFIElUMRcwFQYDVQQL
-Ew5MaW51eCBQcm9qZWN0czEbMBkGA1UEAxMSRGViaWFuIEZvciBBbGl4IENBMRsw
-GQYJKoZIhvcNAQkBFgxuby1tYWlsQHNpdGWCCQCOaOKbBsvRZTAMBgNVHRMEBTAD
-AQH/MA0GCSqGSIb3DQEBBQUAA4GBABVmoMWdupXUB2J5p3LI18icmItRPyPH5uBc
-8C2/7AuvOvsRjjjAOtiThBLshCa2YQ2kxlT/uQKVAHrJojzDjozF/NB4rjr74aqj
-GGrWIL8ATWUjNKQFJv32h16t+eUrmWJJUlS4L0oq+v/C96l2QMG8M5Z3nxuctWwO
-ObQ1wsVu
------END CERTIFICATE-----
------BEGIN X509 CRL-----
-MIIBiTCB8zANBgkqhkiG9w0BAQQFADCBrTELMAkGA1UEBhMCQlIxCzAJBgNVBAgT
-AlNQMRIwEAYDVQQHEwlTYW8gUGF1bG8xKjAoBgNVBAoTIURlYmlhbiBGb3IgQWxp
-eCAtIERVTU1ZIENIQU5HRSBJVDEXMBUGA1UECxMOTGludXggUHJvamVjdHMxGzAZ
-BgNVBAMTEkRlYmlhbiBGb3IgQWxpeCBDQTEbMBkGCSqGSIb3DQEJARYMbm8tbWFp
-bEBzaXRlFw0xMjA1MTIwMzAyMzhaFw0xMjA2MTEwMzAyMzhaMBQwEgIBARcNMTIw
-NTEyMDMwMjM4WjANBgkqhkiG9w0BAQQFAAOBgQAJRVAq3T2gjUsKSjg5dLuy3pGl
-jVguEybZuOJn80LX1a9Jha367CZVuuww6GX2EUBiFKxXS4BHsV56q2XJaUlWaCXb
-4pjHWNm5i/JW7VwtG1fConY2BRaJrVCXu8wazx6vzbxYNuyMwtaoUvvPaGlQxen5
-TMe+Qpp6nw8ppaHAPg==
------END X509 CRL-----
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/serial b/ANW-URB/openvpn/easy-rsa/2.0/keys/serial
deleted file mode 100644
index 6496923..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/serial
+++ /dev/null
@@ -1 +0,0 @@
-04
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/serial.old b/ANW-URB/openvpn/easy-rsa/2.0/keys/serial.old
deleted file mode 100644
index 75016ea..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/serial.old
+++ /dev/null
@@ -1 +0,0 @@
-03
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/vpn01.site.crt b/ANW-URB/openvpn/easy-rsa/2.0/keys/vpn01.site.crt
deleted file mode 100644
index aa30da2..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/vpn01.site.crt
+++ /dev/null
@@ -1,74 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 3 (0x3)
-        Signature Algorithm: sha1WithRSAEncryption
-        Issuer: C=BR, ST=SP, L=Sao Paulo, O=Debian For Alix - DUMMY CHANGE IT, OU=Linux Projects, CN=Debian For Alix CA/emailAddress=no-mail@site
-        Validity
-            Not Before: May 12 03:06:31 2012 GMT
-            Not After : May 10 03:06:31 2022 GMT
-        Subject: C=BR, ST=SP, L=Sao Paulo, O=Debian For Alix - DUMMY CHANGE IT, OU=Linux Projects, CN=vpn01.site/emailAddress=no-mail@site
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:a0:47:e1:23:fa:32:a3:cc:ee:e4:03:96:4c:84:
-                    c2:1e:05:2a:a8:b1:02:0c:b4:26:c5:54:ec:a0:85:
-                    3b:a2:a2:51:b8:85:9a:af:8e:50:fc:99:0a:5a:87:
-                    bf:02:f6:89:bd:04:44:fc:39:db:97:94:62:e8:e1:
-                    2f:c5:f9:dc:ce:2a:c0:63:b7:be:6c:41:7d:87:01:
-                    dd:f2:8b:b2:99:f6:a8:af:4e:11:0d:7b:e2:6e:82:
-                    ec:10:78:21:3c:09:85:c3:ab:b1:6d:14:74:c8:0a:
-                    8f:ec:80:80:b8:f6:a1:ef:dc:ba:7a:08:2b:c2:f5:
-                    77:af:93:d5:8d:1d:98:f2:85
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            Netscape Comment: 
-                Easy-RSA Generated Certificate
-            X509v3 Subject Key Identifier: 
-                91:38:28:A9:09:46:53:9E:E7:BC:29:77:F7:3B:25:92:08:6A:49:56
-            X509v3 Authority Key Identifier: 
-                keyid:8C:A5:DB:53:21:BD:5F:61:E1:56:ED:7A:9B:A5:02:BD:2E:23:AA:A6
-                DirName:/C=BR/ST=SP/L=Sao Paulo/O=Debian For Alix - DUMMY CHANGE IT/OU=Linux Projects/CN=Debian For Alix CA/emailAddress=no-mail@site
-                serial:8E:68:E2:9B:06:CB:D1:65
-
-            X509v3 Extended Key Usage: 
-                TLS Web Client Authentication
-            X509v3 Key Usage: 
-                Digital Signature
-    Signature Algorithm: sha1WithRSAEncryption
-        72:65:d4:0d:49:25:77:e2:c1:6d:10:eb:21:6a:d8:33:e7:01:
-        b6:e5:25:dd:46:73:3f:65:91:16:46:dd:db:88:ed:97:2b:02:
-        6f:0e:f3:be:23:e0:38:80:93:5b:6c:85:e8:32:cc:2a:fc:d3:
-        23:c6:c1:66:52:d9:cf:d1:ab:7d:85:19:7a:a9:02:3a:f8:af:
-        74:97:bf:8d:73:92:b8:d4:18:48:b8:2a:a6:c1:5e:e2:6e:cc:
-        ea:91:ba:91:7c:39:21:4e:46:76:c8:4e:3f:98:a7:fc:f2:31:
-        e4:27:fa:c2:34:d5:7c:8a:94:63:c1:bb:b4:eb:7c:ce:21:00:
-        d5:72
------BEGIN CERTIFICATE-----
-MIIEMDCCA5mgAwIBAgIBAzANBgkqhkiG9w0BAQUFADCBrTELMAkGA1UEBhMCQlIx
-CzAJBgNVBAgTAlNQMRIwEAYDVQQHEwlTYW8gUGF1bG8xKjAoBgNVBAoTIURlYmlh
-biBGb3IgQWxpeCAtIERVTU1ZIENIQU5HRSBJVDEXMBUGA1UECxMOTGludXggUHJv
-amVjdHMxGzAZBgNVBAMTEkRlYmlhbiBGb3IgQWxpeCBDQTEbMBkGCSqGSIb3DQEJ
-ARYMbm8tbWFpbEBzaXRlMB4XDTEyMDUxMjAzMDYzMVoXDTIyMDUxMDAzMDYzMVow
-gaUxCzAJBgNVBAYTAkJSMQswCQYDVQQIEwJTUDESMBAGA1UEBxMJU2FvIFBhdWxv
-MSowKAYDVQQKEyFEZWJpYW4gRm9yIEFsaXggLSBEVU1NWSBDSEFOR0UgSVQxFzAV
-BgNVBAsTDkxpbnV4IFByb2plY3RzMRMwEQYDVQQDEwp2cG4wMS5zaXRlMRswGQYJ
-KoZIhvcNAQkBFgxuby1tYWlsQHNpdGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ
-AoGBAKBH4SP6MqPM7uQDlkyEwh4FKqixAgy0JsVU7KCFO6KiUbiFmq+OUPyZClqH
-vwL2ib0ERPw525eUYujhL8X53M4qwGO3vmxBfYcB3fKLspn2qK9OEQ174m6C7BB4
-ITwJhcOrsW0UdMgKj+yAgLj2oe/cunoIK8L1d6+T1Y0dmPKFAgMBAAGjggFkMIIB
-YDAJBgNVHRMEAjAAMC0GCWCGSAGG+EIBDQQgFh5FYXN5LVJTQSBHZW5lcmF0ZWQg
-Q2VydGlmaWNhdGUwHQYDVR0OBBYEFJE4KKkJRlOe57wpd/c7JZIIaklWMIHiBgNV
-HSMEgdowgdeAFIyl21MhvV9h4VbtepulAr0uI6qmoYGzpIGwMIGtMQswCQYDVQQG
-EwJCUjELMAkGA1UECBMCU1AxEjAQBgNVBAcTCVNhbyBQYXVsbzEqMCgGA1UEChMh
-RGViaWFuIEZvciBBbGl4IC0gRFVNTVkgQ0hBTkdFIElUMRcwFQYDVQQLEw5MaW51
-eCBQcm9qZWN0czEbMBkGA1UEAxMSRGViaWFuIEZvciBBbGl4IENBMRswGQYJKoZI
-hvcNAQkBFgxuby1tYWlsQHNpdGWCCQCOaOKbBsvRZTATBgNVHSUEDDAKBggrBgEF
-BQcDAjALBgNVHQ8EBAMCB4AwDQYJKoZIhvcNAQEFBQADgYEAcmXUDUkld+LBbRDr
-IWrYM+cBtuUl3UZzP2WRFkbd24jtlysCbw7zviPgOICTW2yF6DLMKvzTI8bBZlLZ
-z9GrfYUZeqkCOvivdJe/jXOSuNQYSLgqpsFe4m7M6pG6kXw5IU5GdshOP5in/PIx
-5Cf6wjTVfIqUY8G7tOt8ziEA1XI=
------END CERTIFICATE-----
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/vpn01.site.csr b/ANW-URB/openvpn/easy-rsa/2.0/keys/vpn01.site.csr
deleted file mode 100644
index f559b67..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/vpn01.site.csr
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIB5jCCAU8CAQAwgaUxCzAJBgNVBAYTAkJSMQswCQYDVQQIEwJTUDESMBAGA1UE
-BxMJU2FvIFBhdWxvMSowKAYDVQQKEyFEZWJpYW4gRm9yIEFsaXggLSBEVU1NWSBD
-SEFOR0UgSVQxFzAVBgNVBAsTDkxpbnV4IFByb2plY3RzMRMwEQYDVQQDEwp2cG4w
-MS5zaXRlMRswGQYJKoZIhvcNAQkBFgxuby1tYWlsQHNpdGUwgZ8wDQYJKoZIhvcN
-AQEBBQADgY0AMIGJAoGBAKBH4SP6MqPM7uQDlkyEwh4FKqixAgy0JsVU7KCFO6Ki
-UbiFmq+OUPyZClqHvwL2ib0ERPw525eUYujhL8X53M4qwGO3vmxBfYcB3fKLspn2
-qK9OEQ174m6C7BB4ITwJhcOrsW0UdMgKj+yAgLj2oe/cunoIK8L1d6+T1Y0dmPKF
-AgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQAYmNnggH95U2iVGt8Ef123jYY5I79b
-T4I9PxUOvqhLaHy7C55XR612TKop48D4SuyXif7LescwEvvOlawYXLnGnbIIpQe5
-BnlJ6BBd9WJ72DWrKSXev7zwj+eWG7tjXXLLXsWQGyF9zUJmp2X14PaaGKrY8m7J
-lsFjBJb1btOzoQ==
------END CERTIFICATE REQUEST-----
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/keys/vpn01.site.key b/ANW-URB/openvpn/easy-rsa/2.0/keys/vpn01.site.key
deleted file mode 100644
index 68db2d8..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/keys/vpn01.site.key
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICWwIBAAKBgQCgR+Ej+jKjzO7kA5ZMhMIeBSqosQIMtCbFVOyghTuiolG4hZqv
-jlD8mQpah78C9om9BET8OduXlGLo4S/F+dzOKsBjt75sQX2HAd3yi7KZ9qivThEN
-e+JuguwQeCE8CYXDq7FtFHTICo/sgIC49qHv3Lp6CCvC9Xevk9WNHZjyhQIDAQAB
-AoGASf2ks2UW54L9bQky4xQOQKmF7eX42kB3/XSc3+VhiEyCiTo0FIMQY+uKWgx8
-YzPIlhdYeU+ETc9UcckysqQMB+2x8+wyB9SFe0AIsHqXUVlW1lPgaDRqIwHWzJjY
-Z51qRT+EehH4c65Lec+jTAiVj5HMQCFHIfANR5tN1MkuMakCQQDLs5PlS48cOgve
-2DHWoIHr6Lgh4dQ9Puq2Gy29tFUpVV2FfZ+dCkx8GX4CX07Yoz1YSkHDb3etHQrD
-dVb2RMArAkEAyW5yLwlyqLJHwvLt+8Lo8EwLDTEIoj8yq2ks7F/vRXFPvpUzPWpD
-/Z9eTfULUDoY28O4apUbLSXc16QF1C0QDwJAXy9qzJqiJO563YbowwH9s97rK+n6
-4yOjSbUpipvZr5bUPKyXCSrm0paW60Td8x1UbQ1F7a0InzwS64LJQAqgQQJAW9v5
-SIgXeOUsorPkYb7GOeeD1rU4ybzmX5MsQHOTi2icRD6ISoaukPffqs+IJEMKWRZN
-gJWU+ibdKp4LZnJScwJAfpHZTB2GLuPBd/zU+R0pJF3JE2Ktv7+PKl44dl49+P4R
-L6KsiC6E5kaVdF8LCZaKY/4UIRCKFZw876rnzEjGTw==
------END RSA PRIVATE KEY-----
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/list-crl b/ANW-URB/openvpn/easy-rsa/2.0/list-crl
deleted file mode 100755
index d1d8a69..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/list-crl
+++ /dev/null
@@ -1,13 +0,0 @@
-#!/bin/sh
-
-# list revoked certificates
-
-CRL="${1:-crl.pem}"
-
-if [ "$KEY_DIR" ]; then
-    cd "$KEY_DIR" && \
-	$OPENSSL crl -text -noout -in "$CRL"
-else
-    echo 'Please source the vars script first (i.e. "source ./vars")'
-    echo 'Make sure you have edited it to reflect your configuration.'
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/openssl-0.9.6.cnf b/ANW-URB/openvpn/easy-rsa/2.0/openssl-0.9.6.cnf
deleted file mode 100644
index d28341d..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/openssl-0.9.6.cnf
+++ /dev/null
@@ -1,265 +0,0 @@
-# For use with easy-rsa version 2.0
-
-#
-# OpenSSL example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-# This definition stops the following lines choking if HOME isn't
-# defined.
-HOME			= .
-RANDFILE		= $ENV::HOME/.rnd
-
-# Extra OBJECT IDENTIFIER info:
-#oid_file		= $ENV::HOME/.oid
-oid_section		= new_oids
-
-# To use this configuration file with the "-extfile" option of the
-# "openssl x509" utility, name here the section containing the
-# X.509v3 extensions to use:
-# extensions		= 
-# (Alternatively, use a configuration file that has only
-# X.509v3 extensions in its main [= default] section.)
-
-[ new_oids ]
-
-# We can add new OIDs in here for use by 'ca' and 'req'.
-# Add a simple OID like this:
-# testoid1=1.2.3.4
-# Or use config file substitution like this:
-# testoid2=${testoid1}.5.6
-
-####################################################################
-[ ca ]
-default_ca	= CA_default		# The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir		= $ENV::KEY_DIR		# Where everything is kept
-certs		= $dir			# Where the issued certs are kept
-crl_dir		= $dir			# Where the issued crl are kept
-database	= $dir/index.txt	# database index file.
-new_certs_dir	= $dir			# default place for new certs.
-
-certificate	= $dir/ca.crt	 	# The CA certificate
-serial		= $dir/serial 		# The current serial number
-crl		= $dir/crl.pem 		# The current CRL
-private_key	= $dir/ca.key	 	# The private key
-RANDFILE	= $dir/.rand		# private random number file
-
-x509_extensions	= usr_cert		# The extentions to add to the cert
-
-# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
-# so this is commented out by default to leave a V1 CRL.
-# crl_extensions	= crl_ext
-
-default_days	= 3650			# how long to certify for
-default_crl_days= 30			# how long before next CRL
-default_md	= md5			# which md to use.
-preserve	= no			# keep passed DN ordering
-
-# A few difference way of specifying how similar the request should look
-# For type CA, the listed attributes must be the same, and the optional
-# and supplied fields are just that :-)
-policy		= policy_anything
-
-# For the CA policy
-[ policy_match ]
-countryName		= match
-stateOrProvinceName	= match
-organizationName	= match
-organizationalUnitName	= optional
-commonName		= supplied
-emailAddress		= optional
-
-# For the 'anything' policy
-# At this point in time, you must list all acceptable 'object'
-# types.
-[ policy_anything ]
-countryName		= optional
-stateOrProvinceName	= optional
-localityName		= optional
-organizationName	= optional
-organizationalUnitName	= optional
-commonName		= supplied
-emailAddress		= optional
-
-####################################################################
-[ req ]
-default_bits		= $ENV::KEY_SIZE
-default_keyfile 	= privkey.pem
-distinguished_name	= req_distinguished_name
-attributes		= req_attributes
-x509_extensions	= v3_ca	# The extentions to add to the self signed cert
-
-# Passwords for private keys if not present they will be prompted for
-# input_password = secret
-# output_password = secret
-
-# This sets a mask for permitted string types. There are several options. 
-# default: PrintableString, T61String, BMPString.
-# pkix	 : PrintableString, BMPString.
-# utf8only: only UTF8Strings.
-# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
-# MASK:XXXX a literal mask value.
-# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
-# so use this option with caution!
-string_mask = nombstr
-
-# req_extensions = v3_req # The extensions to add to a certificate request
-
-[ req_distinguished_name ]
-countryName			= Country Name (2 letter code)
-countryName_default		= $ENV::KEY_COUNTRY
-countryName_min			= 2
-countryName_max			= 2
-
-stateOrProvinceName		= State or Province Name (full name)
-stateOrProvinceName_default	= $ENV::KEY_PROVINCE
-
-localityName			= Locality Name (eg, city)
-localityName_default		= $ENV::KEY_CITY
-
-0.organizationName		= Organization Name (eg, company)
-0.organizationName_default	= $ENV::KEY_ORG
-
-# we can do this but it is not needed normally :-)
-#1.organizationName		= Second Organization Name (eg, company)
-#1.organizationName_default	= World Wide Web Pty Ltd
-
-organizationalUnitName		= Organizational Unit Name (eg, section)
-#organizationalUnitName_default	=
-
-commonName			= Common Name (eg, your name or your server\'s hostname)
-commonName_max			= 64
-
-emailAddress			= Email Address
-emailAddress_default		= $ENV::KEY_EMAIL
-emailAddress_max		= 40
-
-# JY -- added for batch mode
-organizationalUnitName_default = $ENV::KEY_OU
-commonName_default = $ENV::KEY_CN
-
-# SET-ex3			= SET extension number 3
-
-[ req_attributes ]
-challengePassword		= A challenge password
-challengePassword_min		= 4
-challengePassword_max		= 20
-
-unstructuredName		= An optional company name
-
-[ usr_cert ]
-
-# These extensions are added when 'ca' signs a request.
-
-# This goes against PKIX guidelines but some CAs do it and some software
-# requires this to avoid interpreting an end user certificate as a CA.
-
-basicConstraints=CA:FALSE
-
-# Here are some examples of the usage of nsCertType. If it is omitted
-# the certificate can be used for anything *except* object signing.
-
-# This is OK for an SSL server.
-# nsCertType			= server
-
-# For an object signing certificate this would be used.
-# nsCertType = objsign
-
-# For normal client use this is typical
-# nsCertType = client, email
-
-# and for everything including object signing:
-# nsCertType = client, email, objsign
-
-# This is typical in keyUsage for a client certificate.
-# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-# This will be displayed in Netscape's comment listbox.
-nsComment			= "Easy-RSA Generated Certificate"
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-extendedKeyUsage=clientAuth
-keyUsage = digitalSignature
-
-# This stuff is for subjectAltName and issuerAltname.
-# Import the email address.
-# subjectAltName=email:copy
-
-# Copy subject details
-# issuerAltName=issuer:copy
-
-#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
-#nsBaseUrl
-#nsRevocationUrl
-#nsRenewalUrl
-#nsCaPolicyUrl
-#nsSslServerName
-
-[ server ]
-
-# JY ADDED -- Make a cert with nsCertType set to "server"
-basicConstraints=CA:FALSE
-nsCertType			= server
-nsComment			= "Easy-RSA Generated Server Certificate"
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-extendedKeyUsage=serverAuth
-keyUsage = digitalSignature, keyEncipherment
-
-[ v3_req ]
-
-# Extensions to add to a certificate request
-
-basicConstraints = CA:FALSE
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-[ v3_ca ]
-
-
-# Extensions for a typical CA
-
-
-# PKIX recommendation.
-
-subjectKeyIdentifier=hash
-
-authorityKeyIdentifier=keyid:always,issuer:always
-
-# This is what PKIX recommends but some broken software chokes on critical
-# extensions.
-#basicConstraints = critical,CA:true
-# So we do this instead.
-basicConstraints = CA:true
-
-# Key usage: this is typical for a CA certificate. However since it will
-# prevent it being used as an test self-signed certificate it is best
-# left out by default.
-# keyUsage = cRLSign, keyCertSign
-
-# Some might want this also
-# nsCertType = sslCA, emailCA
-
-# Include email address in subject alt name: another PKIX recommendation
-# subjectAltName=email:copy
-# Copy issuer details
-# issuerAltName=issuer:copy
-
-# DER hex encoding of an extension: beware experts only!
-# obj=DER:02:03
-# Where 'obj' is a standard or added object
-# You can even override a supported extension:
-# basicConstraints= critical, DER:30:03:01:01:FF
-
-[ crl_ext ]
-
-# CRL extensions.
-# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
-
-# issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always,issuer:always
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/openssl-0.9.8.cnf b/ANW-URB/openvpn/easy-rsa/2.0/openssl-0.9.8.cnf
deleted file mode 100644
index 340b8af..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/openssl-0.9.8.cnf
+++ /dev/null
@@ -1,290 +0,0 @@
-# For use with easy-rsa version 2.0
-
-#
-# OpenSSL example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-# This definition stops the following lines choking if HOME isn't
-# defined.
-HOME			= .
-RANDFILE		= $ENV::HOME/.rnd
-openssl_conf		= openssl_init
-
-[ openssl_init ]
-# Extra OBJECT IDENTIFIER info:
-#oid_file		= $ENV::HOME/.oid
-oid_section		= new_oids
-engines                 = engine_section
-
-# To use this configuration file with the "-extfile" option of the
-# "openssl x509" utility, name here the section containing the
-# X.509v3 extensions to use:
-# extensions		=
-# (Alternatively, use a configuration file that has only
-# X.509v3 extensions in its main [= default] section.)
-
-[ new_oids ]
-
-# We can add new OIDs in here for use by 'ca' and 'req'.
-# Add a simple OID like this:
-# testoid1=1.2.3.4
-# Or use config file substitution like this:
-# testoid2=${testoid1}.5.6
-
-####################################################################
-[ ca ]
-default_ca	= CA_default		# The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir		= $ENV::KEY_DIR		# Where everything is kept
-certs		= $dir			# Where the issued certs are kept
-crl_dir		= $dir			# Where the issued crl are kept
-database	= $dir/index.txt	# database index file.
-new_certs_dir	= $dir			# default place for new certs.
-
-certificate	= $dir/ca.crt	 	# The CA certificate
-serial		= $dir/serial 		# The current serial number
-crl		= $dir/crl.pem 		# The current CRL
-private_key	= $dir/ca.key	 	# The private key
-RANDFILE	= $dir/.rand		# private random number file
-
-x509_extensions	= usr_cert		# The extentions to add to the cert
-
-# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
-# so this is commented out by default to leave a V1 CRL.
-# crl_extensions	= crl_ext
-
-default_days	= 3650			# how long to certify for
-default_crl_days= 30			# how long before next CRL
-default_md	= md5			# which md to use.
-preserve	= no			# keep passed DN ordering
-
-# A few difference way of specifying how similar the request should look
-# For type CA, the listed attributes must be the same, and the optional
-# and supplied fields are just that :-)
-policy		= policy_anything
-
-# For the CA policy
-[ policy_match ]
-countryName		= match
-stateOrProvinceName	= match
-organizationName	= match
-organizationalUnitName	= optional
-commonName		= supplied
-name			= optional
-emailAddress		= optional
-
-# For the 'anything' policy
-# At this point in time, you must list all acceptable 'object'
-# types.
-[ policy_anything ]
-countryName		= optional
-stateOrProvinceName	= optional
-localityName		= optional
-organizationName	= optional
-organizationalUnitName	= optional
-commonName		= supplied
-name			= optional
-emailAddress		= optional
-
-####################################################################
-[ req ]
-default_bits		= $ENV::KEY_SIZE
-default_keyfile 	= privkey.pem
-distinguished_name	= req_distinguished_name
-attributes		= req_attributes
-x509_extensions	= v3_ca	# The extentions to add to the self signed cert
-
-# Passwords for private keys if not present they will be prompted for
-# input_password = secret
-# output_password = secret
-
-# This sets a mask for permitted string types. There are several options.
-# default: PrintableString, T61String, BMPString.
-# pkix	 : PrintableString, BMPString.
-# utf8only: only UTF8Strings.
-# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
-# MASK:XXXX a literal mask value.
-# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
-# so use this option with caution!
-string_mask = nombstr
-
-# req_extensions = v3_req # The extensions to add to a certificate request
-
-[ req_distinguished_name ]
-countryName			= Country Name (2 letter code)
-countryName_default		= $ENV::KEY_COUNTRY
-countryName_min			= 2
-countryName_max			= 2
-
-stateOrProvinceName		= State or Province Name (full name)
-stateOrProvinceName_default	= $ENV::KEY_PROVINCE
-
-localityName			= Locality Name (eg, city)
-localityName_default		= $ENV::KEY_CITY
-
-0.organizationName		= Organization Name (eg, company)
-0.organizationName_default	= $ENV::KEY_ORG
-
-# we can do this but it is not needed normally :-)
-#1.organizationName		= Second Organization Name (eg, company)
-#1.organizationName_default	= World Wide Web Pty Ltd
-
-organizationalUnitName		= Organizational Unit Name (eg, section)
-#organizationalUnitName_default	=
-
-commonName			= Common Name (eg, your name or your server\'s hostname)
-commonName_max			= 64
-
-name				= Name
-name_max			= 64
-
-emailAddress			= Email Address
-emailAddress_default		= $ENV::KEY_EMAIL
-emailAddress_max		= 40
-
-# JY -- added for batch mode
-organizationalUnitName_default = $ENV::KEY_OU
-commonName_default = $ENV::KEY_CN
-name_default = $ENV::KEY_NAME
-
-# SET-ex3			= SET extension number 3
-
-[ req_attributes ]
-challengePassword		= A challenge password
-challengePassword_min		= 4
-challengePassword_max		= 20
-
-unstructuredName		= An optional company name
-
-[ usr_cert ]
-
-# These extensions are added when 'ca' signs a request.
-
-# This goes against PKIX guidelines but some CAs do it and some software
-# requires this to avoid interpreting an end user certificate as a CA.
-
-basicConstraints=CA:FALSE
-
-# Here are some examples of the usage of nsCertType. If it is omitted
-# the certificate can be used for anything *except* object signing.
-
-# This is OK for an SSL server.
-# nsCertType			= server
-
-# For an object signing certificate this would be used.
-# nsCertType = objsign
-
-# For normal client use this is typical
-# nsCertType = client, email
-
-# and for everything including object signing:
-# nsCertType = client, email, objsign
-
-# This is typical in keyUsage for a client certificate.
-# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-# This will be displayed in Netscape's comment listbox.
-nsComment			= "Easy-RSA Generated Certificate"
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-extendedKeyUsage=clientAuth
-keyUsage = digitalSignature
-
-# This stuff is for subjectAltName and issuerAltname.
-# Import the email address.
-# subjectAltName=email:copy
-
-# Copy subject details
-# issuerAltName=issuer:copy
-
-#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
-#nsBaseUrl
-#nsRevocationUrl
-#nsRenewalUrl
-#nsCaPolicyUrl
-#nsSslServerName
-
-[ server ]
-
-# JY ADDED -- Make a cert with nsCertType set to "server"
-basicConstraints=CA:FALSE
-nsCertType			= server
-nsComment			= "Easy-RSA Generated Server Certificate"
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-extendedKeyUsage=serverAuth
-keyUsage = digitalSignature, keyEncipherment
-
-[ v3_req ]
-
-# Extensions to add to a certificate request
-
-basicConstraints = CA:FALSE
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-[ v3_ca ]
-
-
-# Extensions for a typical CA
-
-
-# PKIX recommendation.
-
-subjectKeyIdentifier=hash
-
-authorityKeyIdentifier=keyid:always,issuer:always
-
-# This is what PKIX recommends but some broken software chokes on critical
-# extensions.
-#basicConstraints = critical,CA:true
-# So we do this instead.
-basicConstraints = CA:true
-
-# Key usage: this is typical for a CA certificate. However since it will
-# prevent it being used as an test self-signed certificate it is best
-# left out by default.
-# keyUsage = cRLSign, keyCertSign
-
-# Some might want this also
-# nsCertType = sslCA, emailCA
-
-# Include email address in subject alt name: another PKIX recommendation
-# subjectAltName=email:copy
-# Copy issuer details
-# issuerAltName=issuer:copy
-
-# DER hex encoding of an extension: beware experts only!
-# obj=DER:02:03
-# Where 'obj' is a standard or added object
-# You can even override a supported extension:
-# basicConstraints= critical, DER:30:03:01:01:FF
-
-[ crl_ext ]
-
-# CRL extensions.
-# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
-
-# issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always,issuer:always
-
-[ engine_section ]
-#
-# If you are using PKCS#11
-# Install engine_pkcs11 of opensc (www.opensc.org)
-# And uncomment the following
-# verify that dynamic_path points to the correct location
-#
-#pkcs11 = pkcs11_section
-
-[ pkcs11_section ]
-engine_id = pkcs11
-dynamic_path = /usr/lib/engines/engine_pkcs11.so
-MODULE_PATH = $ENV::PKCS11_MODULE_PATH
-PIN = $ENV::PKCS11_PIN
-init = 0
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/openssl-1.0.0.cnf b/ANW-URB/openvpn/easy-rsa/2.0/openssl-1.0.0.cnf
deleted file mode 100644
index fa258a5..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/openssl-1.0.0.cnf
+++ /dev/null
@@ -1,285 +0,0 @@
-# For use with easy-rsa version 2.0 and OpenSSL 1.0.0*
-
-# This definition stops the following lines choking if HOME isn't
-# defined.
-HOME			= .
-RANDFILE		= $ENV::HOME/.rnd
-openssl_conf		= openssl_init
-
-[ openssl_init ]
-# Extra OBJECT IDENTIFIER info:
-#oid_file		= $ENV::HOME/.oid
-oid_section		= new_oids
-engines			= engine_section
-
-# To use this configuration file with the "-extfile" option of the
-# "openssl x509" utility, name here the section containing the
-# X.509v3 extensions to use:
-# extensions		=
-# (Alternatively, use a configuration file that has only
-# X.509v3 extensions in its main [= default] section.)
-
-[ new_oids ]
-
-# We can add new OIDs in here for use by 'ca' and 'req'.
-# Add a simple OID like this:
-# testoid1=1.2.3.4
-# Or use config file substitution like this:
-# testoid2=${testoid1}.5.6
-
-####################################################################
-[ ca ]
-default_ca	= CA_default		# The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir		= $ENV::KEY_DIR		# Where everything is kept
-certs		= $dir			# Where the issued certs are kept
-crl_dir		= $dir			# Where the issued crl are kept
-database	= $dir/index.txt	# database index file.
-new_certs_dir	= $dir			# default place for new certs.
-
-certificate	= $dir/ca.crt	 	# The CA certificate
-serial		= $dir/serial 		# The current serial number
-crl		= $dir/crl.pem 		# The current CRL
-private_key	= $dir/ca.key		# The private key
-RANDFILE	= $dir/.rand		# private random number file
-
-x509_extensions	= usr_cert		# The extentions to add to the cert
-
-# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
-# so this is commented out by default to leave a V1 CRL.
-# crl_extensions	= crl_ext
-
-default_days	= 3650			# how long to certify for
-default_crl_days= 30			# how long before next CRL
-default_md	= md5			# use public key default MD
-preserve	= no			# keep passed DN ordering
-
-# A few difference way of specifying how similar the request should look
-# For type CA, the listed attributes must be the same, and the optional
-# and supplied fields are just that :-)
-policy		= policy_anything
-
-# For the CA policy
-[ policy_match ]
-countryName		= match
-stateOrProvinceName	= match
-organizationName	= match
-organizationalUnitName	= optional
-commonName		= supplied
-name			= optional
-emailAddress		= optional
-
-# For the 'anything' policy
-# At this point in time, you must list all acceptable 'object'
-# types.
-[ policy_anything ]
-countryName		= optional
-stateOrProvinceName	= optional
-localityName		= optional
-organizationName	= optional
-organizationalUnitName	= optional
-commonName		= supplied
-name			= optional
-emailAddress		= optional
-
-####################################################################
-[ req ]
-default_bits		= $ENV::KEY_SIZE
-default_keyfile 	= privkey.pem
-distinguished_name	= req_distinguished_name
-attributes		= req_attributes
-x509_extensions	= v3_ca	# The extentions to add to the self signed cert
-
-# Passwords for private keys if not present they will be prompted for
-# input_password = secret
-# output_password = secret
-
-# This sets a mask for permitted string types. There are several options.
-# default: PrintableString, T61String, BMPString.
-# pkix	 : PrintableString, BMPString (PKIX recommendation after 2004).
-# utf8only: only UTF8Strings (PKIX recommendation after 2004).
-# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
-# MASK:XXXX a literal mask value.
-string_mask = nombstr
-
-# req_extensions = v3_req # The extensions to add to a certificate request
-
-[ req_distinguished_name ]
-countryName			= Country Name (2 letter code)
-countryName_default		= $ENV::KEY_COUNTRY
-countryName_min			= 2
-countryName_max			= 2
-
-stateOrProvinceName		= State or Province Name (full name)
-stateOrProvinceName_default	= $ENV::KEY_PROVINCE
-
-localityName			= Locality Name (eg, city)
-localityName_default		= $ENV::KEY_CITY
-
-0.organizationName		= Organization Name (eg, company)
-0.organizationName_default	= $ENV::KEY_ORG
-
-# we can do this but it is not needed normally :-)
-#1.organizationName		= Second Organization Name (eg, company)
-#1.organizationName_default	= World Wide Web Pty Ltd
-
-organizationalUnitName		= Organizational Unit Name (eg, section)
-#organizationalUnitName_default	=
-
-commonName			= Common Name (eg, your name or your server\'s hostname)
-commonName_max			= 64
-
-name				= Name
-name_max			= 64
-
-emailAddress			= Email Address
-emailAddress_default		= $ENV::KEY_EMAIL
-emailAddress_max		= 40
-
-# JY -- added for batch mode
-organizationalUnitName_default = $ENV::KEY_OU
-commonName_default = $ENV::KEY_CN
-name_default = $ENV::KEY_NAME
-
-
-# SET-ex3			= SET extension number 3
-
-[ req_attributes ]
-challengePassword		= A challenge password
-challengePassword_min		= 4
-challengePassword_max		= 20
-
-unstructuredName		= An optional company name
-
-[ usr_cert ]
-
-# These extensions are added when 'ca' signs a request.
-
-# This goes against PKIX guidelines but some CAs do it and some software
-# requires this to avoid interpreting an end user certificate as a CA.
-
-basicConstraints=CA:FALSE
-
-# Here are some examples of the usage of nsCertType. If it is omitted
-# the certificate can be used for anything *except* object signing.
-
-# This is OK for an SSL server.
-# nsCertType			= server
-
-# For an object signing certificate this would be used.
-# nsCertType = objsign
-
-# For normal client use this is typical
-# nsCertType = client, email
-
-# and for everything including object signing:
-# nsCertType = client, email, objsign
-
-# This is typical in keyUsage for a client certificate.
-# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-# This will be displayed in Netscape's comment listbox.
-nsComment			= "Easy-RSA Generated Certificate"
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-extendedKeyUsage=clientAuth
-keyUsage = digitalSignature
-
-
-# This stuff is for subjectAltName and issuerAltname.
-# Import the email address.
-# subjectAltName=email:copy
-
-# Copy subject details
-# issuerAltName=issuer:copy
-
-#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
-#nsBaseUrl
-#nsRevocationUrl
-#nsRenewalUrl
-#nsCaPolicyUrl
-#nsSslServerName
-
-[ server ]
-
-# JY ADDED -- Make a cert with nsCertType set to "server"
-basicConstraints=CA:FALSE
-nsCertType                     = server
-nsComment                      = "Easy-RSA Generated Server Certificate"
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-extendedKeyUsage=serverAuth
-keyUsage = digitalSignature, keyEncipherment
-
-[ v3_req ]
-
-# Extensions to add to a certificate request
-
-basicConstraints = CA:FALSE
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-[ v3_ca ]
-
-
-# Extensions for a typical CA
-
-
-# PKIX recommendation.
-
-subjectKeyIdentifier=hash
-
-authorityKeyIdentifier=keyid:always,issuer:always
-
-# This is what PKIX recommends but some broken software chokes on critical
-# extensions.
-#basicConstraints = critical,CA:true
-# So we do this instead.
-basicConstraints = CA:true
-
-# Key usage: this is typical for a CA certificate. However since it will
-# prevent it being used as an test self-signed certificate it is best
-# left out by default.
-# keyUsage = cRLSign, keyCertSign
-
-# Some might want this also
-# nsCertType = sslCA, emailCA
-
-# Include email address in subject alt name: another PKIX recommendation
-# subjectAltName=email:copy
-# Copy issuer details
-# issuerAltName=issuer:copy
-
-# DER hex encoding of an extension: beware experts only!
-# obj=DER:02:03
-# Where 'obj' is a standard or added object
-# You can even override a supported extension:
-# basicConstraints= critical, DER:30:03:01:01:FF
-
-[ crl_ext ]
-
-# CRL extensions.
-# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
-
-# issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always,issuer:always
-
-[ engine_section ]
-#
-# If you are using PKCS#11
-# Install engine_pkcs11 of opensc (www.opensc.org)
-# And uncomment the following
-# verify that dynamic_path points to the correct location
-#
-#pkcs11 = pkcs11_section
-
-[ pkcs11_section ]
-engine_id = pkcs11
-dynamic_path = /usr/lib/engines/engine_pkcs11.so
-MODULE_PATH = $ENV::PKCS11_MODULE_PATH
-PIN = $ENV::PKCS11_PIN
-init = 0
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/openssl-1.0.0.cnf-old-copy b/ANW-URB/openvpn/easy-rsa/2.0/openssl-1.0.0.cnf-old-copy
deleted file mode 100644
index da425aa..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/openssl-1.0.0.cnf-old-copy
+++ /dev/null
@@ -1,285 +0,0 @@
-# For use with easy-rsa version 2.0 and OpenSSL 1.0.0*
-
-# This definition stops the following lines choking if HOME isn't
-# defined.
-HOME			= .
-RANDFILE		= $ENV::HOME/.rnd
-openssl_conf		= openssl_init
-
-[ openssl_init ]
-# Extra OBJECT IDENTIFIER info:
-#oid_file		= $ENV::HOME/.oid
-oid_section		= new_oids
-engines			= engine_section
-
-# To use this configuration file with the "-extfile" option of the
-# "openssl x509" utility, name here the section containing the
-# X.509v3 extensions to use:
-# extensions		= 
-# (Alternatively, use a configuration file that has only
-# X.509v3 extensions in its main [= default] section.)
-
-[ new_oids ]
-
-# We can add new OIDs in here for use by 'ca' and 'req'.
-# Add a simple OID like this:
-# testoid1=1.2.3.4
-# Or use config file substitution like this:
-# testoid2=${testoid1}.5.6
-
-####################################################################
-[ ca ]
-default_ca	= CA_default		# The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir		= $ENV::KEY_DIR		# Where everything is kept
-certs		= $dir			# Where the issued certs are kept
-crl_dir		= $dir			# Where the issued crl are kept
-database	= $dir/index.txt	# database index file.
-new_certs_dir	= $dir			# default place for new certs.
-
-certificate	= $dir/ca.crt	 	# The CA certificate
-serial		= $dir/serial 		# The current serial number
-crl		= $dir/crl.pem 		# The current CRL
-private_key	= $dir/ca.key		# The private key
-RANDFILE	= $dir/.rand		# private random number file
-
-x509_extensions	= usr_cert		# The extentions to add to the cert
-
-# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
-# so this is commented out by default to leave a V1 CRL.
-# crl_extensions	= crl_ext
-
-default_days	= 3650			# how long to certify for
-default_crl_days= 30			# how long before next CRL
-default_md	= md5			# use public key default MD
-preserve	= no			# keep passed DN ordering
-
-# A few difference way of specifying how similar the request should look
-# For type CA, the listed attributes must be the same, and the optional
-# and supplied fields are just that :-)
-policy		= policy_anything
-
-# For the CA policy
-[ policy_match ]
-countryName		= match
-stateOrProvinceName	= match
-organizationName	= match
-organizationalUnitName	= optional
-commonName		= supplied
-name			= optional
-emailAddress		= optional
-
-# For the 'anything' policy
-# At this point in time, you must list all acceptable 'object'
-# types.
-[ policy_anything ]
-countryName		= optional
-stateOrProvinceName	= optional
-localityName		= optional
-organizationName	= optional
-organizationalUnitName	= optional
-commonName		= supplied
-name			= optional
-emailAddress		= optional
-
-####################################################################
-[ req ]
-default_bits		= $ENV::KEY_SIZE
-default_keyfile 	= privkey.pem
-distinguished_name	= req_distinguished_name
-attributes		= req_attributes
-x509_extensions	= v3_ca	# The extentions to add to the self signed cert
-
-# Passwords for private keys if not present they will be prompted for
-# input_password = secret
-# output_password = secret
-
-# This sets a mask for permitted string types. There are several options. 
-# default: PrintableString, T61String, BMPString.
-# pkix	 : PrintableString, BMPString (PKIX recommendation after 2004).
-# utf8only: only UTF8Strings (PKIX recommendation after 2004).
-# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
-# MASK:XXXX a literal mask value.
-string_mask = nombstr
-
-# req_extensions = v3_req # The extensions to add to a certificate request
-
-[ req_distinguished_name ]
-countryName			= Country Name (2 letter code)
-countryName_default		= $ENV::KEY_COUNTRY
-countryName_min			= 2
-countryName_max			= 2
-
-stateOrProvinceName		= State or Province Name (full name)
-stateOrProvinceName_default	= $ENV::KEY_PROVINCE
-
-localityName			= Locality Name (eg, city)
-localityName_default		= $ENV::KEY_CITY
-
-0.organizationName		= Organization Name (eg, company)
-0.organizationName_default	= $ENV::KEY_ORG
-
-# we can do this but it is not needed normally :-)
-#1.organizationName		= Second Organization Name (eg, company)
-#1.organizationName_default	= World Wide Web Pty Ltd
-
-organizationalUnitName		= Organizational Unit Name (eg, section)
-#organizationalUnitName_default	=
-
-commonName			= Common Name (eg, your name or your server\'s hostname)
-commonName_max			= 64
-
-name				= Name
-name_max			= 64
-
-emailAddress			= Email Address
-emailAddress_default		= $ENV::KEY_EMAIL
-emailAddress_max		= 40
-
-# JY -- added for batch mode
-organizationalUnitName_default = $ENV::KEY_OU
-commonName_default = $ENV::KEY_CN
-name_default = $ENV::KEY_NAME
-
-
-# SET-ex3			= SET extension number 3
-
-[ req_attributes ]
-challengePassword		= A challenge password
-challengePassword_min		= 4
-challengePassword_max		= 20
-
-unstructuredName		= An optional company name
-
-[ usr_cert ]
-
-# These extensions are added when 'ca' signs a request.
-
-# This goes against PKIX guidelines but some CAs do it and some software
-# requires this to avoid interpreting an end user certificate as a CA.
-
-basicConstraints=CA:FALSE
-
-# Here are some examples of the usage of nsCertType. If it is omitted
-# the certificate can be used for anything *except* object signing.
-
-# This is OK for an SSL server.
-# nsCertType			= server
-
-# For an object signing certificate this would be used.
-# nsCertType = objsign
-
-# For normal client use this is typical
-# nsCertType = client, email
-
-# and for everything including object signing:
-# nsCertType = client, email, objsign
-
-# This is typical in keyUsage for a client certificate.
-# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-# This will be displayed in Netscape's comment listbox.
-nsComment			= "Easy-RSA Generated Certificate"
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-extendedKeyUsage=clientAuth
-keyUsage = digitalSignature
-
-
-# This stuff is for subjectAltName and issuerAltname.
-# Import the email address.
-# subjectAltName=email:copy
-
-# Copy subject details
-# issuerAltName=issuer:copy
-
-#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
-#nsBaseUrl
-#nsRevocationUrl
-#nsRenewalUrl
-#nsCaPolicyUrl
-#nsSslServerName
-
-[ server ]
-
-# JY ADDED -- Make a cert with nsCertType set to "server"
-basicConstraints=CA:FALSE
-nsCertType                     = server
-nsComment                      = "Easy-RSA Generated Server Certificate"
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-extendedKeyUsage=serverAuth
-keyUsage = digitalSignature, keyEncipherment
-
-[ v3_req ]
-
-# Extensions to add to a certificate request
-
-basicConstraints = CA:FALSE
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-[ v3_ca ]
-
-
-# Extensions for a typical CA
-
-
-# PKIX recommendation.
-
-subjectKeyIdentifier=hash
-
-authorityKeyIdentifier=keyid:always,issuer:always
-
-# This is what PKIX recommends but some broken software chokes on critical
-# extensions.
-#basicConstraints = critical,CA:true
-# So we do this instead.
-basicConstraints = CA:true
-
-# Key usage: this is typical for a CA certificate. However since it will
-# prevent it being used as an test self-signed certificate it is best
-# left out by default.
-# keyUsage = cRLSign, keyCertSign
-
-# Some might want this also
-# nsCertType = sslCA, emailCA
-
-# Include email address in subject alt name: another PKIX recommendation
-# subjectAltName=email:copy
-# Copy issuer details
-# issuerAltName=issuer:copy
-
-# DER hex encoding of an extension: beware experts only!
-# obj=DER:02:03
-# Where 'obj' is a standard or added object
-# You can even override a supported extension:
-# basicConstraints= critical, DER:30:03:01:01:FF
-
-[ crl_ext ]
-
-# CRL extensions.
-# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
-
-# issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always,issuer:always
-
-[ engine_section ]
-#
-# If you are using PKCS#11
-# Install engine_pkcs11 of opensc (www.opensc.org)
-# And uncomment the following
-# verify that dynamic_path points to the correct location
-#
-#pkcs11 = pkcs11_section
-
-[ pkcs11_section ]
-engine_id = pkcs11
-dynamic_path = /usr/lib/engines/engine_pkcs11.so
-MODULE_PATH = $ENV::PKCS11_MODULE_PATH
-PIN = $ENV::PKCS11_PIN
-init = 0
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/openssl.cnf b/ANW-URB/openvpn/easy-rsa/2.0/openssl.cnf
deleted file mode 100644
index fa258a5..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/openssl.cnf
+++ /dev/null
@@ -1,285 +0,0 @@
-# For use with easy-rsa version 2.0 and OpenSSL 1.0.0*
-
-# This definition stops the following lines choking if HOME isn't
-# defined.
-HOME			= .
-RANDFILE		= $ENV::HOME/.rnd
-openssl_conf		= openssl_init
-
-[ openssl_init ]
-# Extra OBJECT IDENTIFIER info:
-#oid_file		= $ENV::HOME/.oid
-oid_section		= new_oids
-engines			= engine_section
-
-# To use this configuration file with the "-extfile" option of the
-# "openssl x509" utility, name here the section containing the
-# X.509v3 extensions to use:
-# extensions		=
-# (Alternatively, use a configuration file that has only
-# X.509v3 extensions in its main [= default] section.)
-
-[ new_oids ]
-
-# We can add new OIDs in here for use by 'ca' and 'req'.
-# Add a simple OID like this:
-# testoid1=1.2.3.4
-# Or use config file substitution like this:
-# testoid2=${testoid1}.5.6
-
-####################################################################
-[ ca ]
-default_ca	= CA_default		# The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir		= $ENV::KEY_DIR		# Where everything is kept
-certs		= $dir			# Where the issued certs are kept
-crl_dir		= $dir			# Where the issued crl are kept
-database	= $dir/index.txt	# database index file.
-new_certs_dir	= $dir			# default place for new certs.
-
-certificate	= $dir/ca.crt	 	# The CA certificate
-serial		= $dir/serial 		# The current serial number
-crl		= $dir/crl.pem 		# The current CRL
-private_key	= $dir/ca.key		# The private key
-RANDFILE	= $dir/.rand		# private random number file
-
-x509_extensions	= usr_cert		# The extentions to add to the cert
-
-# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
-# so this is commented out by default to leave a V1 CRL.
-# crl_extensions	= crl_ext
-
-default_days	= 3650			# how long to certify for
-default_crl_days= 30			# how long before next CRL
-default_md	= md5			# use public key default MD
-preserve	= no			# keep passed DN ordering
-
-# A few difference way of specifying how similar the request should look
-# For type CA, the listed attributes must be the same, and the optional
-# and supplied fields are just that :-)
-policy		= policy_anything
-
-# For the CA policy
-[ policy_match ]
-countryName		= match
-stateOrProvinceName	= match
-organizationName	= match
-organizationalUnitName	= optional
-commonName		= supplied
-name			= optional
-emailAddress		= optional
-
-# For the 'anything' policy
-# At this point in time, you must list all acceptable 'object'
-# types.
-[ policy_anything ]
-countryName		= optional
-stateOrProvinceName	= optional
-localityName		= optional
-organizationName	= optional
-organizationalUnitName	= optional
-commonName		= supplied
-name			= optional
-emailAddress		= optional
-
-####################################################################
-[ req ]
-default_bits		= $ENV::KEY_SIZE
-default_keyfile 	= privkey.pem
-distinguished_name	= req_distinguished_name
-attributes		= req_attributes
-x509_extensions	= v3_ca	# The extentions to add to the self signed cert
-
-# Passwords for private keys if not present they will be prompted for
-# input_password = secret
-# output_password = secret
-
-# This sets a mask for permitted string types. There are several options.
-# default: PrintableString, T61String, BMPString.
-# pkix	 : PrintableString, BMPString (PKIX recommendation after 2004).
-# utf8only: only UTF8Strings (PKIX recommendation after 2004).
-# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
-# MASK:XXXX a literal mask value.
-string_mask = nombstr
-
-# req_extensions = v3_req # The extensions to add to a certificate request
-
-[ req_distinguished_name ]
-countryName			= Country Name (2 letter code)
-countryName_default		= $ENV::KEY_COUNTRY
-countryName_min			= 2
-countryName_max			= 2
-
-stateOrProvinceName		= State or Province Name (full name)
-stateOrProvinceName_default	= $ENV::KEY_PROVINCE
-
-localityName			= Locality Name (eg, city)
-localityName_default		= $ENV::KEY_CITY
-
-0.organizationName		= Organization Name (eg, company)
-0.organizationName_default	= $ENV::KEY_ORG
-
-# we can do this but it is not needed normally :-)
-#1.organizationName		= Second Organization Name (eg, company)
-#1.organizationName_default	= World Wide Web Pty Ltd
-
-organizationalUnitName		= Organizational Unit Name (eg, section)
-#organizationalUnitName_default	=
-
-commonName			= Common Name (eg, your name or your server\'s hostname)
-commonName_max			= 64
-
-name				= Name
-name_max			= 64
-
-emailAddress			= Email Address
-emailAddress_default		= $ENV::KEY_EMAIL
-emailAddress_max		= 40
-
-# JY -- added for batch mode
-organizationalUnitName_default = $ENV::KEY_OU
-commonName_default = $ENV::KEY_CN
-name_default = $ENV::KEY_NAME
-
-
-# SET-ex3			= SET extension number 3
-
-[ req_attributes ]
-challengePassword		= A challenge password
-challengePassword_min		= 4
-challengePassword_max		= 20
-
-unstructuredName		= An optional company name
-
-[ usr_cert ]
-
-# These extensions are added when 'ca' signs a request.
-
-# This goes against PKIX guidelines but some CAs do it and some software
-# requires this to avoid interpreting an end user certificate as a CA.
-
-basicConstraints=CA:FALSE
-
-# Here are some examples of the usage of nsCertType. If it is omitted
-# the certificate can be used for anything *except* object signing.
-
-# This is OK for an SSL server.
-# nsCertType			= server
-
-# For an object signing certificate this would be used.
-# nsCertType = objsign
-
-# For normal client use this is typical
-# nsCertType = client, email
-
-# and for everything including object signing:
-# nsCertType = client, email, objsign
-
-# This is typical in keyUsage for a client certificate.
-# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-# This will be displayed in Netscape's comment listbox.
-nsComment			= "Easy-RSA Generated Certificate"
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-extendedKeyUsage=clientAuth
-keyUsage = digitalSignature
-
-
-# This stuff is for subjectAltName and issuerAltname.
-# Import the email address.
-# subjectAltName=email:copy
-
-# Copy subject details
-# issuerAltName=issuer:copy
-
-#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
-#nsBaseUrl
-#nsRevocationUrl
-#nsRenewalUrl
-#nsCaPolicyUrl
-#nsSslServerName
-
-[ server ]
-
-# JY ADDED -- Make a cert with nsCertType set to "server"
-basicConstraints=CA:FALSE
-nsCertType                     = server
-nsComment                      = "Easy-RSA Generated Server Certificate"
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-extendedKeyUsage=serverAuth
-keyUsage = digitalSignature, keyEncipherment
-
-[ v3_req ]
-
-# Extensions to add to a certificate request
-
-basicConstraints = CA:FALSE
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-[ v3_ca ]
-
-
-# Extensions for a typical CA
-
-
-# PKIX recommendation.
-
-subjectKeyIdentifier=hash
-
-authorityKeyIdentifier=keyid:always,issuer:always
-
-# This is what PKIX recommends but some broken software chokes on critical
-# extensions.
-#basicConstraints = critical,CA:true
-# So we do this instead.
-basicConstraints = CA:true
-
-# Key usage: this is typical for a CA certificate. However since it will
-# prevent it being used as an test self-signed certificate it is best
-# left out by default.
-# keyUsage = cRLSign, keyCertSign
-
-# Some might want this also
-# nsCertType = sslCA, emailCA
-
-# Include email address in subject alt name: another PKIX recommendation
-# subjectAltName=email:copy
-# Copy issuer details
-# issuerAltName=issuer:copy
-
-# DER hex encoding of an extension: beware experts only!
-# obj=DER:02:03
-# Where 'obj' is a standard or added object
-# You can even override a supported extension:
-# basicConstraints= critical, DER:30:03:01:01:FF
-
-[ crl_ext ]
-
-# CRL extensions.
-# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
-
-# issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always,issuer:always
-
-[ engine_section ]
-#
-# If you are using PKCS#11
-# Install engine_pkcs11 of opensc (www.opensc.org)
-# And uncomment the following
-# verify that dynamic_path points to the correct location
-#
-#pkcs11 = pkcs11_section
-
-[ pkcs11_section ]
-engine_id = pkcs11
-dynamic_path = /usr/lib/engines/engine_pkcs11.so
-MODULE_PATH = $ENV::PKCS11_MODULE_PATH
-PIN = $ENV::PKCS11_PIN
-init = 0
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/pkitool b/ANW-URB/openvpn/easy-rsa/2.0/pkitool
deleted file mode 100755
index 49588f5..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/pkitool
+++ /dev/null
@@ -1,379 +0,0 @@
-#!/bin/sh
-
-#  OpenVPN -- An application to securely tunnel IP networks
-#             over a single TCP/UDP port, with support for SSL/TLS-based
-#             session authentication and key exchange,
-#             packet encryption, packet authentication, and
-#             packet compression.
-#
-#  Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
-#
-#  This program is free software; you can redistribute it and/or modify
-#  it under the terms of the GNU General Public License version 2
-#  as published by the Free Software Foundation.
-#
-#  This program is distributed in the hope that it will be useful,
-#  but WITHOUT ANY WARRANTY; without even the implied warranty of
-#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-#  GNU General Public License for more details.
-#
-#  You should have received a copy of the GNU General Public License
-#  along with this program (see the file COPYING included with this
-#  distribution); if not, write to the Free Software Foundation, Inc.,
-#  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
-
-# pkitool is a front-end for the openssl tool.
-
-# Calling scripts can set the certificate organizational 
-# unit with the KEY_OU environmental variable. 
-
-# Calling scripts can also set the KEY_NAME environmental
-# variable to set the "name" X509 subject field.
-
-PROGNAME=pkitool
-VERSION=2.0
-DEBUG=0
-
-die()
-{
-    local m="$1"
-
-    echo "$m" >&2
-    exit 1
-}
-
-need_vars()
-{
-    echo '  Please edit the vars script to reflect your configuration,'
-    echo '  then source it with "source ./vars".'
-    echo '  Next, to start with a fresh PKI configuration and to delete any'
-    echo '  previous certificates and keys, run "./clean-all".'
-    echo "  Finally, you can run this tool ($PROGNAME) to build certificates/keys."
-}
-
-usage()
-{
-    echo "$PROGNAME $VERSION"
-    echo "Usage: $PROGNAME [options...] [common-name]"
-    echo "Options:"
-    echo "  --batch    : batch mode (default)"
-    echo "  --keysize  : Set keysize"
-    echo "      size   : size (default=1024)"
-    echo "  --interact : interactive mode"
-    echo "  --server   : build server cert"
-    echo "  --initca   : build root CA"
-    echo "  --inter    : build intermediate CA"
-    echo "  --pass     : encrypt private key with password"
-    echo "  --csr      : only generate a CSR, do not sign"
-    echo "  --sign     : sign an existing CSR"
-    echo "  --pkcs12   : generate a combined PKCS#12 file"
-    echo "  --pkcs11   : generate certificate on PKCS#11 token"
-    echo "      lib    : PKCS#11 library"
-    echo "      slot   : PKCS#11 slot"
-    echo "      id     : PKCS#11 object id (hex string)"
-    echo "      label  : PKCS#11 object label"
-    echo "Standalone options:"
-    echo "  --pkcs11-slots   : list PKCS#11 slots"
-    echo "      lib    : PKCS#11 library"
-    echo "  --pkcs11-objects : list PKCS#11 token objects"
-    echo "      lib    : PKCS#11 library"
-    echo "      slot   : PKCS#11 slot"
-    echo "  --pkcs11-init    : initialize PKCS#11 token DANGEROUS!!!"
-    echo "      lib    : PKCS#11 library"
-    echo "      slot   : PKCS#11 slot"
-    echo "      label  : PKCS#11 token label"
-    echo "Notes:"
-    need_vars
-    echo "  In order to use PKCS#11 interface you must have opensc-0.10.0 or higher."
-    echo "Generated files and corresponding OpenVPN directives:"
-    echo '(Files will be placed in the $KEY_DIR directory, defined in ./vars)'
-    echo "  ca.crt     -> root certificate (--ca)"
-    echo "  ca.key     -> root key, keep secure (not directly used by OpenVPN)"
-    echo "  .crt files -> client/server certificates (--cert)"
-    echo "  .key files -> private keys, keep secure (--key)"
-    echo "  .csr files -> certificate signing request (not directly used by OpenVPN)"
-    echo "  dh1024.pem or dh2048.pem -> Diffie Hellman parameters (--dh)"
-    echo "Examples:"
-    echo "  $PROGNAME --initca          -> Build root certificate"
-    echo "  $PROGNAME --initca --pass   -> Build root certificate with password-protected key"
-    echo "  $PROGNAME --server server1  -> Build \"server1\" certificate/key"
-    echo "  $PROGNAME client1           -> Build \"client1\" certificate/key"
-    echo "  $PROGNAME --pass client2    -> Build password-protected \"client2\" certificate/key"
-    echo "  $PROGNAME --pkcs12 client3  -> Build \"client3\" certificate/key in PKCS#12 format"
-    echo "  $PROGNAME --csr client4     -> Build \"client4\" CSR to be signed by another CA"
-    echo "  $PROGNAME --sign client4    -> Sign \"client4\" CSR"
-    echo "  $PROGNAME --inter interca   -> Build an intermediate key-signing certificate/key"
-    echo "                               Also see ./inherit-inter script."
-    echo "  $PROGNAME --pkcs11 /usr/lib/pkcs11/lib1 0 010203 \"client5 id\" client5"
-    echo "                              -> Build \"client5\" certificate/key in PKCS#11 token"
-    echo "Typical usage for initial PKI setup.  Build myserver, client1, and client2 cert/keys."
-    echo "Protect client2 key with a password.  Build DH parms.  Generated files in ./keys :"
-    echo "  [edit vars with your site-specific info]"
-    echo "  source ./vars"
-    echo "  ./clean-all"
-    echo "  ./build-dh     -> takes a long time, consider backgrounding"
-    echo "  ./$PROGNAME --initca"
-    echo "  ./$PROGNAME --server myserver"
-    echo "  ./$PROGNAME client1"
-    echo "  ./$PROGNAME --pass client2"
-    echo "Typical usage for adding client cert to existing PKI:"
-    echo "  source ./vars"
-    echo "  ./$PROGNAME client-new"
-}
-
-# Set tool defaults
-[ -n "$OPENSSL" ] || export OPENSSL="openssl"
-[ -n "$PKCS11TOOL" ] || export PKCS11TOOL="pkcs11-tool"
-[ -n "$GREP" ] || export GREP="grep"
-
-# Set defaults
-DO_REQ="1"
-REQ_EXT=""
-DO_CA="1"
-CA_EXT=""
-DO_P12="0"
-DO_P11="0"
-DO_ROOT="0"
-NODES_REQ="-nodes"
-NODES_P12=""
-BATCH="-batch"
-CA="ca"
-# must be set or errors of openssl.cnf
-PKCS11_MODULE_PATH="dummy"
-PKCS11_PIN="dummy"
-
-# Process options
-while [ $# -gt 0 ]; do
-    case "$1" in
-        --keysize  ) KEY_SIZE=$2
-		     shift;;
-	--server   ) REQ_EXT="$REQ_EXT -extensions server"
-	             CA_EXT="$CA_EXT -extensions server" ;;
-	--batch    ) BATCH="-batch" ;;
-	--interact ) BATCH="" ;;
-        --inter    ) CA_EXT="$CA_EXT -extensions v3_ca" ;;
-        --initca   ) DO_ROOT="1" ;;
-	--pass     ) NODES_REQ="" ;;
-        --csr      ) DO_CA="0" ;;
-        --sign     ) DO_REQ="0" ;;
-        --pkcs12   ) DO_P12="1" ;;
-	--pkcs11   ) DO_P11="1"
-	             PKCS11_MODULE_PATH="$2"
-		     PKCS11_SLOT="$3"
-		     PKCS11_ID="$4"
-		     PKCS11_LABEL="$5"
-		     shift 4;;
-
-	# standalone
-	--pkcs11-init)
-	             PKCS11_MODULE_PATH="$2"
-	             PKCS11_SLOT="$3"
-	             PKCS11_LABEL="$4"
-		     if [ -z "$PKCS11_LABEL" ]; then
-		       die "Please specify library name, slot and label"
-		     fi
-		     $PKCS11TOOL --module "$PKCS11_MODULE_PATH" --init-token --slot "$PKCS11_SLOT" \
-		     	--label "$PKCS11_LABEL" &&
-			$PKCS11TOOL --module "$PKCS11_MODULE_PATH" --init-pin --slot "$PKCS11_SLOT"
-		     exit $?;;
-	--pkcs11-slots)
-	             PKCS11_MODULE_PATH="$2"
-		     if [ -z "$PKCS11_MODULE_PATH" ]; then
-		       die "Please specify library name"
-		     fi
-		     $PKCS11TOOL --module "$PKCS11_MODULE_PATH" --list-slots
-		     exit 0;;
-	--pkcs11-objects)
-	             PKCS11_MODULE_PATH="$2"
-	             PKCS11_SLOT="$3"
-		     if [ -z "$PKCS11_SLOT" ]; then
-		       die "Please specify library name and slot"
-		     fi
-		     $PKCS11TOOL --module "$PKCS11_MODULE_PATH" --list-objects --login --slot "$PKCS11_SLOT"
-		     exit 0;;
-
-        --help|--usage)
-                    usage
-                    exit ;;
-        --version)
-                    echo "$PROGNAME $VERSION"
-                    exit ;;
-	# errors
-	--*        ) die "$PROGNAME: unknown option: $1" ;;
-	*          ) break ;;
-    esac
-    shift   
-done
-
-if ! [ -z "$BATCH" ]; then
-	if $OPENSSL version | grep 0.9.6 > /dev/null; then
-		die "Batch mode is unsupported in openssl<0.9.7"
-	fi
-fi
-
-if [ $DO_P12 -eq 1 -a $DO_P11 -eq 1 ]; then
-	die "PKCS#11 and PKCS#12 cannot be specified together"
-fi
-
-if [ $DO_P11 -eq 1 ]; then
-	if ! grep "^pkcs11.*=" "$KEY_CONFIG" > /dev/null; then
-		die "Please edit $KEY_CONFIG and setup PKCS#11 engine"
-	fi
-fi
-
-# If we are generating pkcs12, only encrypt the final step
-if [ $DO_P12 -eq 1 ]; then
-    NODES_P12="$NODES_REQ"
-    NODES_REQ="-nodes"
-fi
-
-if [ $DO_P11 -eq 1 ]; then
-	if [ -z "$PKCS11_LABEL" ]; then
-		die "PKCS#11 arguments incomplete"
-	fi
-fi
-
-# If undefined, set default key expiration intervals
-if [ -z "$KEY_EXPIRE" ]; then
-    KEY_EXPIRE=3650
-fi
-if [ -z "$CA_EXPIRE" ]; then
-    CA_EXPIRE=3650
-fi
-
-# Set organizational unit to empty string if undefined
-if [ -z "$KEY_OU" ]; then
-    KEY_OU=""
-fi
-
-# Set X509 Name string to empty string if undefined
-if [ -z "$KEY_NAME" ]; then
-    KEY_NAME=""
-fi
-
-# Set KEY_CN, FN
-if [ $DO_ROOT -eq 1 ]; then
-    if [ -z "$KEY_CN" ]; then
-	if [ "$1" ]; then
-	    KEY_CN="$1"
-	elif [ "$KEY_ORG" ]; then
-	    KEY_CN="$KEY_ORG CA"
-	fi
-    fi
-    if [ $BATCH ] && [ "$KEY_CN" ]; then
-	echo "Using CA Common Name:" "$KEY_CN"
-    fi
-    FN="$KEY_CN"
-elif [ $BATCH ] && [ "$KEY_CN" ]; then
-    echo "Using Common Name:" "$KEY_CN"
-    FN="$KEY_CN"
-    if [ "$1" ]; then
-	FN="$1"
-    fi
-else
-    if [ $# -ne 1 ]; then
-	usage
-	exit 1
-    else
-	KEY_CN="$1"
-    fi
-    FN="$KEY_CN"
-fi
-
-export CA_EXPIRE KEY_EXPIRE KEY_OU KEY_NAME KEY_CN PKCS11_MODULE_PATH PKCS11_PIN
-
-# Show parameters (debugging)
-if [ $DEBUG -eq 1 ]; then
-    echo DO_REQ $DO_REQ
-    echo REQ_EXT $REQ_EXT
-    echo DO_CA $DO_CA
-    echo CA_EXT $CA_EXT
-    echo NODES_REQ $NODES_REQ
-    echo NODES_P12 $NODES_P12
-    echo DO_P12 $DO_P12
-    echo KEY_CN $KEY_CN
-    echo BATCH $BATCH
-    echo DO_ROOT $DO_ROOT
-    echo KEY_EXPIRE $KEY_EXPIRE
-    echo CA_EXPIRE $CA_EXPIRE
-    echo KEY_OU $KEY_OU
-    echo KEY_NAME $KEY_NAME
-    echo DO_P11 $DO_P11
-    echo PKCS11_MODULE_PATH $PKCS11_MODULE_PATH
-    echo PKCS11_SLOT $PKCS11_SLOT
-    echo PKCS11_ID $PKCS11_ID
-    echo PKCS11_LABEL $PKCS11_LABEL
-fi
-
-# Make sure ./vars was sourced beforehand
-if [ -d "$KEY_DIR" ] && [ "$KEY_CONFIG" ]; then
-    cd "$KEY_DIR"
-
-    # Make sure $KEY_CONFIG points to the correct version
-    # of openssl.cnf
-    if $GREP -i 'easy-rsa version 2\.[0-9]' "$KEY_CONFIG" >/dev/null; then
-	:
-    else
-	echo "$PROGNAME: KEY_CONFIG (set by the ./vars script) is pointing to the wrong"
-        echo "version of openssl.cnf: $KEY_CONFIG"
-	echo "The correct version should have a comment that says: easy-rsa version 2.x";
-	exit 1;
-    fi
-
-    # Build root CA
-    if [ $DO_ROOT -eq 1 ]; then
-	$OPENSSL req $BATCH -days $CA_EXPIRE $NODES_REQ -new -newkey rsa:$KEY_SIZE -sha1 \
-	    -x509 -keyout "$CA.key" -out "$CA.crt" -config "$KEY_CONFIG" && \
-	    chmod 0600 "$CA.key"
-    else        
-        # Make sure CA key/cert is available
-	if [ $DO_CA -eq 1 ] || [ $DO_P12 -eq 1 ]; then
-	    if [ ! -r "$CA.crt" ] || [ ! -r "$CA.key" ]; then
-		echo "$PROGNAME: Need a readable $CA.crt and $CA.key in $KEY_DIR"
-		echo "Try $PROGNAME --initca to build a root certificate/key."
-		exit 1
-	    fi
-	fi
-
-	# Generate key for PKCS#11 token
-	PKCS11_ARGS=
-	if [ $DO_P11 -eq 1 ]; then
-	        stty -echo
-	        echo -n "User PIN: "
-	        read -r PKCS11_PIN
-	        stty echo
-		export PKCS11_PIN
-
-		echo "Generating key pair on PKCS#11 token..."
-		$PKCS11TOOL --module "$PKCS11_MODULE_PATH" --keypairgen \
-			--login --pin "$PKCS11_PIN" \
-			--key-type rsa:1024 \
-			--slot "$PKCS11_SLOT" --id "$PKCS11_ID" --label "$PKCS11_LABEL" || exit 1
-		PKCS11_ARGS="-engine pkcs11 -keyform engine -key $PKCS11_SLOT:$PKCS11_ID"
-	fi
-
-        # Build cert/key
-	( [ $DO_REQ -eq 0 ] || $OPENSSL req $BATCH -days $KEY_EXPIRE $NODES_REQ -new -newkey rsa:$KEY_SIZE \
-	        -keyout "$FN.key" -out "$FN.csr" $REQ_EXT -config "$KEY_CONFIG" $PKCS11_ARGS ) && \
-	    ( [ $DO_CA -eq 0 ]  || $OPENSSL ca $BATCH -days $KEY_EXPIRE -out "$FN.crt" \
-	        -in "$FN.csr" $CA_EXT -md sha1 -config "$KEY_CONFIG" ) && \
-	    ( [ $DO_P12 -eq 0 ] || $OPENSSL pkcs12 -export -inkey "$FN.key" \
-	        -in "$FN.crt" -certfile "$CA.crt" -out "$FN.p12" $NODES_P12 ) && \
-	    ( [ $DO_CA -eq 0 -o $DO_P11 -eq 1 ]  || chmod 0600 "$FN.key" ) && \
-	    ( [ $DO_P12 -eq 0 ] || chmod 0600 "$FN.p12" )
-
-	# Load certificate into PKCS#11 token
-	if [ $DO_P11 -eq 1 ]; then
-		$OPENSSL x509 -in "$FN.crt" -inform PEM -out "$FN.crt.der" -outform DER && \
-		  $PKCS11TOOL --module "$PKCS11_MODULE_PATH" --write-object "$FN.crt.der" --type cert \
-			--login --pin "$PKCS11_PIN" \
-			--slot "$PKCS11_SLOT" --id "$PKCS11_ID" --label "$PKCS11_LABEL" 
-		[ -e "$FN.crt.der" ]; rm "$FN.crt.der"
-	fi
-
-    fi
-
-# Need definitions
-else
-    need_vars
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/revoke-full b/ANW-URB/openvpn/easy-rsa/2.0/revoke-full
deleted file mode 100755
index 4169c4c..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/revoke-full
+++ /dev/null
@@ -1,40 +0,0 @@
-#!/bin/sh
-
-# revoke a certificate, regenerate CRL,
-# and verify revocation
-
-CRL="crl.pem"
-RT="revoke-test.pem"
-
-if [ $# -ne 1 ]; then
-    echo "usage: revoke-full <cert-name-base>";
-    exit 1
-fi
-
-if [ "$KEY_DIR" ]; then
-    cd "$KEY_DIR"
-    rm -f "$RT"
-
-    # set defaults
-    export KEY_CN=""
-    export KEY_OU=""
-    export KEY_NAME=""
-
-    # revoke key and generate a new CRL
-    $OPENSSL ca -revoke "$1.crt" -config "$KEY_CONFIG"
-
-    # generate a new CRL -- try to be compatible with
-    # intermediate PKIs
-    $OPENSSL ca -gencrl -out "$CRL" -config "$KEY_CONFIG"
-    if [ -e export-ca.crt ]; then
-	cat export-ca.crt "$CRL" >"$RT"
-    else
-	cat ca.crt "$CRL" >"$RT"
-    fi
-    
-    # verify the revocation
-    $OPENSSL verify -CAfile "$RT" -crl_check "$1.crt"
-else
-    echo 'Please source the vars script first (i.e. "source ./vars")'
-    echo 'Make sure you have edited it to reflect your configuration.'
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/sign-req b/ANW-URB/openvpn/easy-rsa/2.0/sign-req
deleted file mode 100755
index 6cae7b4..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/sign-req
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-# Sign a certificate signing request (a .csr file)
-# with a local root certificate and key.
-
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --sign $*
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/tmp/README.gz b/ANW-URB/openvpn/easy-rsa/2.0/tmp/README.gz
deleted file mode 100644
index ad3896f45d77e9f3d35f32ff3b4abfd4af3ed455..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 3757
zcmV;e4pQ+SiwFP!000021Fc$ZbK5o&{(SrusPATK--wj$B-hr{%Z%$dttW}?vFxV3
zPA3DAkc2ZyumEXA{q^_k0-#9QNj~&6okk*n#lAlKLZ6?`eob#?r{ZU2oi?>N&JI(X
zA0^4{N;`r7q;QoiOF^6N)kajZmP=Ksx)qJg@9}*i=F+J`;B>oE!ZfOOu1s=MVQ(Qy
zT`SQVQ%<lfTan9J%#~P}4vX5KQPOQv>u^^$FSJ#8YwRX53tqee!Jn@$MWJ15^}K7r
zXC}n^l`cV;*d*%2Yh!gK?MCFL&XuiIk*syQ+GTrTEYqFM-U^~Co2JycB(lOmCJ3ZG
zo3eB!0k0j2N5|%!E(={R#ahh;u4wgwPAZp?!jw}&S|zMnD67DNs12<N@fv4ctD1Da
zN$Fq64OzOJ?sOC36bYh|pRV5DUY#V#s%@K->6A42(9~J2+Ud%yTa&HYstl$H$|tc$
z>d&Uly=H~D-0G&q?KfS$eatE`T?<Z^9qGfdWKtBWmC$G*R;p}7rJN)3`|Fj?SL_H-
z25trW1$0uH^#O#wQ6+4r#3c#JgrX@^cv6!5Q@k?{D(`BRRhGKlh?NA-O4Vd1XG&c_
zgX9XWVF@CmqL+Zw2X|^<qq!y$6G1N7SoNSy=fXbRZ%rkRvO~C0zQTFBhb)$o2aqrJ
zzfz~{gR*R{#+nCRfCFrIZ8vu~>7~y3mY_~>S9k`klBHN1d!Lbjah;@+B2DMA#nDA6
zmttSla!x9pZ=l|V?8^2akY1`<S@IlQ27cU>yvd1ZoLVXNGg)s)G1v<IJ;2&^(~(KH
zIwC)Htp=l!Bs->?5><FEQ5jNzv{lp6)A<I+{RWaMP2)CZo@Iki<M2vZ-TKv_>a7WT
z<&o`kXog6W>LJ2fT)(*x)|l42Cpcvy6=aKih5%yAv@AX#L4v?aFL7^Lss~jP9SA)`
zm=LP4(+1>tiaVSpZYpDGePMc00yJfLy$}mRk6w(*6yQV^Th)RW=oA4=-T+%OZ$p6F
zQqgr@cBBK|61@`VdRVhQOkB^&gS74wEWi+a&BBxjGO~{P*jiEv4r%fyheNO=pOOVG
zJ`v}@@ehFLi8wp`aQ@5n#m)HyC*GX@8h-URSMpw^xh**!z^dV&Z68Bh(pFXGfx@CL
z$e;{tO$mHtfA)dE#}{4MqfNYK@5(M^t^brh?8RNJ+dc8ii^K0AwknI52ApcW58?_U
zNgQ9@2>_qArY2M4a1<N|7GzY4OHxcQRk#!w74!^eD-rOE1rmv4vTt?WeVl@ckK!R@
zI%Jn<pA451)9-a%n6>M-?62WkEmVQnM-E_0agPH`mInlkz_yjFmvA29<1XxbtQ(@@
zpCUR2zCU48#OMVp`*7Z_AyhnIQm|Ims46-eKjY}`Q>EA^?1C!2VZ5(ITs+8Fx|&7U
z1F;nH>BT0}-6NVC)7d`LdT=CgG4(<(`C?=#;}dw?MHaN`zu<sj3VUniGa5xH*@y6$
zsFa#R)*~O{!%-TRK^etR7hv^{^G;0CL3P?8Eed>wYW<$Tz|?6iEA^6=DGP;)fK#M3
zaMsSMZEc`SLSm<vC=Lep@Ej7W!<;UDH629h;H_W<j@N4PyiM>05Umv8dO(PBmQO50
zLX=q6@D>zGfcBP50d)gah%zBP5dgD|TzUt1WOS@kDvFBi>5=1bz~V#|aR>xHWo2yB
zHdwW@zT}|`JTP6qIh+0c=m^=fX$&A?O&N{wg;!s*MT}D(#Fg_&yU!r84g;@!CfY5N
z2$N2IIKu-%eb=L8ENR%wB%z-Rs!*O)9H@{(by}E8>Uzgs9)3|ll1rYJ?IqkI!i<@t
zxFMT!iGY-$*q=h7wO+5YxhAhv8GLFATWlz>+_bM|0$EwM<ZaU=xwxF&p1ytCbDtzf
znK&;{Ia26l$#I5!)iR!)U0uGu_>qllpgR%joZMIn-<VI*?*r_-q|8FjK29!dKJCV3
zaPn+>&8v%>(H(Mt4?grLr4eB`0I7q0ihyJ?Hj+?n&X}Poi4CZ*uOcNPBY_F;etJRG
za$&r2={qM*=)3?Jw=pZ)N~CtdAo9aGZ9F@@Ie&fkR-mxuXmDF8vgCOt_OBYBIu5*6
z4OC`*?%?E4S|&OTo-%kj4Tl40O0Z6WTS<s5SryD!O>X3ThM8Ub=bTh@eE9rZl7JXM
zf@6Bp%Gzj7dl0Msx)s2(LO8f1u7bLF7eR|7&-X!1`h!M+4M&H^&xKdqf;t}tG6W0f
ztIjsYaYqojpnX+`5_zur5*JpNxit=jfuVvzsUWI^k#gN|jYT>@zoc@)H?%U-+qbh|
z+W^B^@?xaM3oj={Z(YQc7GmDp4owNUL~uy)^55bx`!4%t(yx%)vSfX2LOh$=w-FRt
z6iR$P&x~E3(B{+=%ssuML-YmwRMkr;=tFa#JAjT~%%0KO9Vfp>#THmDjVwH9@ZmuJ
zt`23P2*l7@!dBq|7uCUgf0n-CfHt9908Oz$MC<$m|MmwxmF>ZQWg_zq_YJ;Ha}*hM
z3VkHsX5!SbRvDwzP8|8z^7YfG+NA_U+Oz794!(g+d@+<vmI3_H0WM-PYF!wjQE_m>
zm{amcN@Nr-Ahebx%a&0YM+CCm*>I+>vIuS|FTs-RGRzUmmRgmL+a*dWsP4!+J|e(@
zuT)oEyt}@-xjntSMb`;LdEmeR#K85*P2WKex=vw`^qnpWa@@8BiUV%|u~hKO4mrc>
zKhZS$>?HtRic&@NREDbBhj-Y5Dn?fbYzN0}Lw}O^#5&;u793m7iVEeuMWgKuu>PLn
z6glE?3Qjl|#wH)+Lnif=k@amm)Pk<Ph0+&<C#c4`ji)@gaWssOIeB}j-703hiNLQ`
z^>Ykk$$hZ3>1P1QGy6ve;s@$H15iCtA^6nQsGOegz@p<aDEJPw00>%K)GuXRvEIBs
zdv^ToAvN#lt9a5v$#c{{Fag+wlg7x8M$H@WV_3t5dh4Ajl;F>sc=O-Hr#|P8xMUjX
z|L?=}&b*g!YFcUl(+uGxTe!qy)<~-Ns6xV-(~iooHh4lZ-V3fzmsatVXlH5nqRDu3
zxR(#jym>!$=)4Akuc!$o5h8ox&}Z5E0uQ|V64?|b+fD-+MsVK!LX3@yz>{Pk0QG$>
znnL(z+7deWZh+Ug%kl}nG>G$9kuvs2@1fwJnC46w-Q8CpXdmxg=#T#BP*@b+wYlB$
zh51%=1eFHuQLCgLP(5p3I1Ujtw$c7dU*Cr=_3TviL#$j6qP1^ihN@r!TzT!MX&!4R
z{h(;vwg2p(Z}3u5PU@Al-4(}h5$ueQzB~tHPeZrFeN6y?KH$bvJm1;yS*kZ<sr(o^
z229DoQmFew=Y+^^%5JH-iG9S!&_Yk~f<_g^32aLx%$N&4I^g7MhpaJI)GzoxKa|X2
zut+V&{__Jt?)zy7L@7b`qAV8ubg+l7<b84g&u6C|#>bwG9!TyD?BY=`ICz}TZly_M
zO7`ATsvRpuiizke;w{x3ik^=FMTmZRb$dQbk{Ok|L%;O}EyZ7~x;~QbkX3mb=k%0P
za*|xXxwyT$dW)ho=fSOa*CfuXXx_@b^GQF#`pt0h=dvvOUHmramVZxtS;!a1ktIGS
z!hfv@_4nh*lJ`(8gEUTisNo1d18(>gEb*6k@ZVGm`_uhs@nkfNq<eVXMbJF)Guokt
z1OmE6G;TN0SP`n-QWt~8(U>u8Y9tD3zX_JI8^lIq^#kpobmeDv*t13w=L1wlg#%oQ
z^<AwLXS16LO@pZyA~Sm#$g@RI!;;6H+$XUQ%x*jrR9PPLo&h;nX3pKIuf~rVf42LN
z#`}lvgAk2fdu#4hOc|w~dq(0S9$0BN(OjizN6Yjetf9agA2mLT@qB-!J_>3+>*Ybb
zNX}LH#BP3`%&4A~B?Yw^`kR+3rCS}}MOD;@8TVyDdNTe>w@Zfg5%_U`O)vdb<b|F9
zeM8|*?moWo)#>Gr=Qme(v#-AT>aSblk$(LpUcLO%g*1BYr=E)X<Tg&1heO9jNk;MM
zf0*nhe%J&+#uCs=`w_g@3%|1|k=mp7;u07%A!=w+Y#UK{VU=6)n14J}lD@<ABY;o}
z^sj5iv$47eeUj~Ju{Y?h_}bUHrjgskH(4}s?CQa=X+J>S0o~?fe@LBQf)JUDI@IRl
zw$}s2LPAuc&y6_G(|pI8`gWCasDB-iB|nBJEJB0DnTiHE4s9^Mve~|_3`qhe+JDWP
z<76aE(L)*Xk2t*P2Q3qNTf~5%>tKTee$~V2fJ^F^9sq|}!1YSlM~F7uhu>5#swPeh
z_6fTDg?^yP<x=3Ci11ZjMiB8SZTeK+rfcz=&up7joEf02+qs<6iNB?9Rq2*bx5!^+
zxL8rT;h8DyRjg>X!@ofI6^aF|#80X$EBFx2cq;0cnEPUNkeq*%=<Iwn#q2pqI^hFK
zKWvlFu)lobRG)D^d1{<<QgmZ2r1S05h+<H?|L15xaW6dD8<L%lk9*S{i6_L^3u~V{
z9>nlFk4ML!;5<+~{sKjx1^wP<j~ROQ=r{#JpB#;?ctWxzNM7WRK7Ufe=X;ca86(u7
zJBVWkt`G+5rtCc+2Wnikj)?7;yye*n{?Go>-@p6HlV3dt&wi|-&wftn{X6}oKsJ5q
zrDyh7!$)G;IXgwRnfl-K^++6wLqy8qvnbCC<o3NF?~5;Rv8&h@pRrUdNp3d{y*CLH
z4H`9s<jHx%skUoSz<aXQCXRW6Yfc8ez%kzyF#X#5T)))UaI*Kyp6aWgDC8>|_w3>~
z11!HxqtO3N#R0yj)en}_el|ldlz*r9Ji`o0NH!P?(l7s~2E{6>t(EtbE(EF}w8y$a
zFH3*^peZTM(G@Q({XvW$*KGfWBcjR9!vF|TTcg#WxSbQjAb!Fkvf$h`=(%{h7Ry%{
X>f}k8$CswHS||SlDzl~tQzQTYm|t1I

diff --git a/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-ca b/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-ca
deleted file mode 100755
index bce29a6..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-ca
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/sh
-
-#
-# Build a root certificate
-#
-
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --initca $*
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-dh b/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-dh
deleted file mode 100755
index 4beb127..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-dh
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/sh
-
-# Build Diffie-Hellman parameters for the server side
-# of an SSL/TLS connection.
-
-if [ -d $KEY_DIR ] && [ $KEY_SIZE ]; then
-    $OPENSSL dhparam -out ${KEY_DIR}/dh${KEY_SIZE}.pem ${KEY_SIZE}
-else
-    echo 'Please source the vars script first (i.e. "source ./vars")'
-    echo 'Make sure you have edited it to reflect your configuration.'
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-inter b/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-inter
deleted file mode 100755
index 87bf98d..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-inter
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-# Make an intermediate CA certificate/private key pair using a locally generated
-# root certificate.
-
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --inter $*
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-key b/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-key
deleted file mode 100755
index 6c0fed8..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-key
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-# Make a certificate/private key pair using a locally generated
-# root certificate.
-
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact $*
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-key-pass b/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-key-pass
deleted file mode 100755
index 8ef8307..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-key-pass
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-# Similar to build-key, but protect the private key
-# with a password.
-
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --pass $*
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-key-pkcs12 b/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-key-pkcs12
deleted file mode 100755
index ba90e6a..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-key-pkcs12
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/sh
-
-# Make a certificate/private key pair using a locally generated
-# root certificate and convert it to a PKCS #12 file including the
-# the CA certificate as well.
-
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --pkcs12 $*
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-key-server b/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-key-server
deleted file mode 100755
index fee0194..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-key-server
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh
-
-# Make a certificate/private key pair using a locally generated
-# root certificate.
-#
-# Explicitly set nsCertType to server using the "server"
-# extension in the openssl.cnf file.
-
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --server $*
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-req b/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-req
deleted file mode 100755
index 559d512..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-req
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-# Build a certificate signing request and private key.  Use this
-# when your root certificate and key is not available locally.
-
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --csr $*
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-req-pass b/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-req-pass
deleted file mode 100755
index b73ee1b..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/tmp/build-req-pass
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-# Like build-req, but protect your private key
-# with a password.
-
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --csr --pass $*
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/tmp/clean-all b/ANW-URB/openvpn/easy-rsa/2.0/tmp/clean-all
deleted file mode 100755
index cc6e3b2..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/tmp/clean-all
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/bin/sh
-
-# Initialize the $KEY_DIR directory.
-# Note that this script does a
-# rm -rf on $KEY_DIR so be careful!
-
-if [ "$KEY_DIR" ]; then
-    rm -rf "$KEY_DIR"
-    mkdir "$KEY_DIR" && \
-	chmod go-rwx "$KEY_DIR" && \
-	touch "$KEY_DIR/index.txt" && \
-	echo 01 >"$KEY_DIR/serial"
-else
-    echo 'Please source the vars script first (i.e. "source ./vars")'
-    echo 'Make sure you have edited it to reflect your configuration.'
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/tmp/file b/ANW-URB/openvpn/easy-rsa/2.0/tmp/file
deleted file mode 100644
index 1987bd7..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/tmp/file
+++ /dev/null
@@ -1 +0,0 @@
-./openssl-1.0.0.cnf
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/tmp/inherit-inter b/ANW-URB/openvpn/easy-rsa/2.0/tmp/inherit-inter
deleted file mode 100755
index aaa5168..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/tmp/inherit-inter
+++ /dev/null
@@ -1,39 +0,0 @@
-#!/bin/sh
-
-# Build a new PKI which is rooted on an intermediate certificate generated
-# by ./build-inter or ./pkitool --inter from a parent PKI.  The new PKI should
-# have independent vars settings, and must use a different KEY_DIR directory
-# from the parent.  This tool can be used to generate arbitrary depth
-# certificate chains.
-#
-# To build an intermediate CA, follow the same steps for a regular PKI but
-# replace ./build-key or ./pkitool --initca with this script.
-
-# The EXPORT_CA file will contain the CA certificate chain and should be
-# referenced by the OpenVPN "ca" directive in config files.  The ca.crt file
-# will only contain the local intermediate CA -- it's needed by the easy-rsa
-# scripts but not by OpenVPN directly.
-EXPORT_CA="export-ca.crt"
-
-if [ $# -ne 2 ]; then
-    echo "usage: $0 <parent-key-dir> <common-name>"
-    echo "parent-key-dir: the KEY_DIR directory of the parent PKI"
-    echo "common-name: the common name of the intermediate certificate in the parent PKI"
-    exit 1;
-fi
-
-if [ "$KEY_DIR" ]; then
-    cp "$1/$2.crt" "$KEY_DIR/ca.crt"
-    cp "$1/$2.key" "$KEY_DIR/ca.key"
-
-    if [ -e "$1/$EXPORT_CA" ]; then
-	PARENT_CA="$1/$EXPORT_CA"
-    else
-	PARENT_CA="$1/ca.crt"
-    fi
-    cp "$PARENT_CA" "$KEY_DIR/$EXPORT_CA"
-    cat "$KEY_DIR/ca.crt" >> "$KEY_DIR/$EXPORT_CA"
-else
-    echo 'Please source the vars script first (i.e. "source ./vars")'
-    echo 'Make sure you have edited it to reflect your configuration.'
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/tmp/list-crl b/ANW-URB/openvpn/easy-rsa/2.0/tmp/list-crl
deleted file mode 100755
index d1d8a69..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/tmp/list-crl
+++ /dev/null
@@ -1,13 +0,0 @@
-#!/bin/sh
-
-# list revoked certificates
-
-CRL="${1:-crl.pem}"
-
-if [ "$KEY_DIR" ]; then
-    cd "$KEY_DIR" && \
-	$OPENSSL crl -text -noout -in "$CRL"
-else
-    echo 'Please source the vars script first (i.e. "source ./vars")'
-    echo 'Make sure you have edited it to reflect your configuration.'
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/tmp/openssl-0.9.6.cnf b/ANW-URB/openvpn/easy-rsa/2.0/tmp/openssl-0.9.6.cnf
deleted file mode 100644
index d28341d..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/tmp/openssl-0.9.6.cnf
+++ /dev/null
@@ -1,265 +0,0 @@
-# For use with easy-rsa version 2.0
-
-#
-# OpenSSL example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-# This definition stops the following lines choking if HOME isn't
-# defined.
-HOME			= .
-RANDFILE		= $ENV::HOME/.rnd
-
-# Extra OBJECT IDENTIFIER info:
-#oid_file		= $ENV::HOME/.oid
-oid_section		= new_oids
-
-# To use this configuration file with the "-extfile" option of the
-# "openssl x509" utility, name here the section containing the
-# X.509v3 extensions to use:
-# extensions		= 
-# (Alternatively, use a configuration file that has only
-# X.509v3 extensions in its main [= default] section.)
-
-[ new_oids ]
-
-# We can add new OIDs in here for use by 'ca' and 'req'.
-# Add a simple OID like this:
-# testoid1=1.2.3.4
-# Or use config file substitution like this:
-# testoid2=${testoid1}.5.6
-
-####################################################################
-[ ca ]
-default_ca	= CA_default		# The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir		= $ENV::KEY_DIR		# Where everything is kept
-certs		= $dir			# Where the issued certs are kept
-crl_dir		= $dir			# Where the issued crl are kept
-database	= $dir/index.txt	# database index file.
-new_certs_dir	= $dir			# default place for new certs.
-
-certificate	= $dir/ca.crt	 	# The CA certificate
-serial		= $dir/serial 		# The current serial number
-crl		= $dir/crl.pem 		# The current CRL
-private_key	= $dir/ca.key	 	# The private key
-RANDFILE	= $dir/.rand		# private random number file
-
-x509_extensions	= usr_cert		# The extentions to add to the cert
-
-# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
-# so this is commented out by default to leave a V1 CRL.
-# crl_extensions	= crl_ext
-
-default_days	= 3650			# how long to certify for
-default_crl_days= 30			# how long before next CRL
-default_md	= md5			# which md to use.
-preserve	= no			# keep passed DN ordering
-
-# A few difference way of specifying how similar the request should look
-# For type CA, the listed attributes must be the same, and the optional
-# and supplied fields are just that :-)
-policy		= policy_anything
-
-# For the CA policy
-[ policy_match ]
-countryName		= match
-stateOrProvinceName	= match
-organizationName	= match
-organizationalUnitName	= optional
-commonName		= supplied
-emailAddress		= optional
-
-# For the 'anything' policy
-# At this point in time, you must list all acceptable 'object'
-# types.
-[ policy_anything ]
-countryName		= optional
-stateOrProvinceName	= optional
-localityName		= optional
-organizationName	= optional
-organizationalUnitName	= optional
-commonName		= supplied
-emailAddress		= optional
-
-####################################################################
-[ req ]
-default_bits		= $ENV::KEY_SIZE
-default_keyfile 	= privkey.pem
-distinguished_name	= req_distinguished_name
-attributes		= req_attributes
-x509_extensions	= v3_ca	# The extentions to add to the self signed cert
-
-# Passwords for private keys if not present they will be prompted for
-# input_password = secret
-# output_password = secret
-
-# This sets a mask for permitted string types. There are several options. 
-# default: PrintableString, T61String, BMPString.
-# pkix	 : PrintableString, BMPString.
-# utf8only: only UTF8Strings.
-# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
-# MASK:XXXX a literal mask value.
-# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
-# so use this option with caution!
-string_mask = nombstr
-
-# req_extensions = v3_req # The extensions to add to a certificate request
-
-[ req_distinguished_name ]
-countryName			= Country Name (2 letter code)
-countryName_default		= $ENV::KEY_COUNTRY
-countryName_min			= 2
-countryName_max			= 2
-
-stateOrProvinceName		= State or Province Name (full name)
-stateOrProvinceName_default	= $ENV::KEY_PROVINCE
-
-localityName			= Locality Name (eg, city)
-localityName_default		= $ENV::KEY_CITY
-
-0.organizationName		= Organization Name (eg, company)
-0.organizationName_default	= $ENV::KEY_ORG
-
-# we can do this but it is not needed normally :-)
-#1.organizationName		= Second Organization Name (eg, company)
-#1.organizationName_default	= World Wide Web Pty Ltd
-
-organizationalUnitName		= Organizational Unit Name (eg, section)
-#organizationalUnitName_default	=
-
-commonName			= Common Name (eg, your name or your server\'s hostname)
-commonName_max			= 64
-
-emailAddress			= Email Address
-emailAddress_default		= $ENV::KEY_EMAIL
-emailAddress_max		= 40
-
-# JY -- added for batch mode
-organizationalUnitName_default = $ENV::KEY_OU
-commonName_default = $ENV::KEY_CN
-
-# SET-ex3			= SET extension number 3
-
-[ req_attributes ]
-challengePassword		= A challenge password
-challengePassword_min		= 4
-challengePassword_max		= 20
-
-unstructuredName		= An optional company name
-
-[ usr_cert ]
-
-# These extensions are added when 'ca' signs a request.
-
-# This goes against PKIX guidelines but some CAs do it and some software
-# requires this to avoid interpreting an end user certificate as a CA.
-
-basicConstraints=CA:FALSE
-
-# Here are some examples of the usage of nsCertType. If it is omitted
-# the certificate can be used for anything *except* object signing.
-
-# This is OK for an SSL server.
-# nsCertType			= server
-
-# For an object signing certificate this would be used.
-# nsCertType = objsign
-
-# For normal client use this is typical
-# nsCertType = client, email
-
-# and for everything including object signing:
-# nsCertType = client, email, objsign
-
-# This is typical in keyUsage for a client certificate.
-# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-# This will be displayed in Netscape's comment listbox.
-nsComment			= "Easy-RSA Generated Certificate"
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-extendedKeyUsage=clientAuth
-keyUsage = digitalSignature
-
-# This stuff is for subjectAltName and issuerAltname.
-# Import the email address.
-# subjectAltName=email:copy
-
-# Copy subject details
-# issuerAltName=issuer:copy
-
-#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
-#nsBaseUrl
-#nsRevocationUrl
-#nsRenewalUrl
-#nsCaPolicyUrl
-#nsSslServerName
-
-[ server ]
-
-# JY ADDED -- Make a cert with nsCertType set to "server"
-basicConstraints=CA:FALSE
-nsCertType			= server
-nsComment			= "Easy-RSA Generated Server Certificate"
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-extendedKeyUsage=serverAuth
-keyUsage = digitalSignature, keyEncipherment
-
-[ v3_req ]
-
-# Extensions to add to a certificate request
-
-basicConstraints = CA:FALSE
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-[ v3_ca ]
-
-
-# Extensions for a typical CA
-
-
-# PKIX recommendation.
-
-subjectKeyIdentifier=hash
-
-authorityKeyIdentifier=keyid:always,issuer:always
-
-# This is what PKIX recommends but some broken software chokes on critical
-# extensions.
-#basicConstraints = critical,CA:true
-# So we do this instead.
-basicConstraints = CA:true
-
-# Key usage: this is typical for a CA certificate. However since it will
-# prevent it being used as an test self-signed certificate it is best
-# left out by default.
-# keyUsage = cRLSign, keyCertSign
-
-# Some might want this also
-# nsCertType = sslCA, emailCA
-
-# Include email address in subject alt name: another PKIX recommendation
-# subjectAltName=email:copy
-# Copy issuer details
-# issuerAltName=issuer:copy
-
-# DER hex encoding of an extension: beware experts only!
-# obj=DER:02:03
-# Where 'obj' is a standard or added object
-# You can even override a supported extension:
-# basicConstraints= critical, DER:30:03:01:01:FF
-
-[ crl_ext ]
-
-# CRL extensions.
-# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
-
-# issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always,issuer:always
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/tmp/openssl-1.0.0.cnf b/ANW-URB/openvpn/easy-rsa/2.0/tmp/openssl-1.0.0.cnf
deleted file mode 100644
index da425aa..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/tmp/openssl-1.0.0.cnf
+++ /dev/null
@@ -1,285 +0,0 @@
-# For use with easy-rsa version 2.0 and OpenSSL 1.0.0*
-
-# This definition stops the following lines choking if HOME isn't
-# defined.
-HOME			= .
-RANDFILE		= $ENV::HOME/.rnd
-openssl_conf		= openssl_init
-
-[ openssl_init ]
-# Extra OBJECT IDENTIFIER info:
-#oid_file		= $ENV::HOME/.oid
-oid_section		= new_oids
-engines			= engine_section
-
-# To use this configuration file with the "-extfile" option of the
-# "openssl x509" utility, name here the section containing the
-# X.509v3 extensions to use:
-# extensions		= 
-# (Alternatively, use a configuration file that has only
-# X.509v3 extensions in its main [= default] section.)
-
-[ new_oids ]
-
-# We can add new OIDs in here for use by 'ca' and 'req'.
-# Add a simple OID like this:
-# testoid1=1.2.3.4
-# Or use config file substitution like this:
-# testoid2=${testoid1}.5.6
-
-####################################################################
-[ ca ]
-default_ca	= CA_default		# The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir		= $ENV::KEY_DIR		# Where everything is kept
-certs		= $dir			# Where the issued certs are kept
-crl_dir		= $dir			# Where the issued crl are kept
-database	= $dir/index.txt	# database index file.
-new_certs_dir	= $dir			# default place for new certs.
-
-certificate	= $dir/ca.crt	 	# The CA certificate
-serial		= $dir/serial 		# The current serial number
-crl		= $dir/crl.pem 		# The current CRL
-private_key	= $dir/ca.key		# The private key
-RANDFILE	= $dir/.rand		# private random number file
-
-x509_extensions	= usr_cert		# The extentions to add to the cert
-
-# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
-# so this is commented out by default to leave a V1 CRL.
-# crl_extensions	= crl_ext
-
-default_days	= 3650			# how long to certify for
-default_crl_days= 30			# how long before next CRL
-default_md	= md5			# use public key default MD
-preserve	= no			# keep passed DN ordering
-
-# A few difference way of specifying how similar the request should look
-# For type CA, the listed attributes must be the same, and the optional
-# and supplied fields are just that :-)
-policy		= policy_anything
-
-# For the CA policy
-[ policy_match ]
-countryName		= match
-stateOrProvinceName	= match
-organizationName	= match
-organizationalUnitName	= optional
-commonName		= supplied
-name			= optional
-emailAddress		= optional
-
-# For the 'anything' policy
-# At this point in time, you must list all acceptable 'object'
-# types.
-[ policy_anything ]
-countryName		= optional
-stateOrProvinceName	= optional
-localityName		= optional
-organizationName	= optional
-organizationalUnitName	= optional
-commonName		= supplied
-name			= optional
-emailAddress		= optional
-
-####################################################################
-[ req ]
-default_bits		= $ENV::KEY_SIZE
-default_keyfile 	= privkey.pem
-distinguished_name	= req_distinguished_name
-attributes		= req_attributes
-x509_extensions	= v3_ca	# The extentions to add to the self signed cert
-
-# Passwords for private keys if not present they will be prompted for
-# input_password = secret
-# output_password = secret
-
-# This sets a mask for permitted string types. There are several options. 
-# default: PrintableString, T61String, BMPString.
-# pkix	 : PrintableString, BMPString (PKIX recommendation after 2004).
-# utf8only: only UTF8Strings (PKIX recommendation after 2004).
-# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
-# MASK:XXXX a literal mask value.
-string_mask = nombstr
-
-# req_extensions = v3_req # The extensions to add to a certificate request
-
-[ req_distinguished_name ]
-countryName			= Country Name (2 letter code)
-countryName_default		= $ENV::KEY_COUNTRY
-countryName_min			= 2
-countryName_max			= 2
-
-stateOrProvinceName		= State or Province Name (full name)
-stateOrProvinceName_default	= $ENV::KEY_PROVINCE
-
-localityName			= Locality Name (eg, city)
-localityName_default		= $ENV::KEY_CITY
-
-0.organizationName		= Organization Name (eg, company)
-0.organizationName_default	= $ENV::KEY_ORG
-
-# we can do this but it is not needed normally :-)
-#1.organizationName		= Second Organization Name (eg, company)
-#1.organizationName_default	= World Wide Web Pty Ltd
-
-organizationalUnitName		= Organizational Unit Name (eg, section)
-#organizationalUnitName_default	=
-
-commonName			= Common Name (eg, your name or your server\'s hostname)
-commonName_max			= 64
-
-name				= Name
-name_max			= 64
-
-emailAddress			= Email Address
-emailAddress_default		= $ENV::KEY_EMAIL
-emailAddress_max		= 40
-
-# JY -- added for batch mode
-organizationalUnitName_default = $ENV::KEY_OU
-commonName_default = $ENV::KEY_CN
-name_default = $ENV::KEY_NAME
-
-
-# SET-ex3			= SET extension number 3
-
-[ req_attributes ]
-challengePassword		= A challenge password
-challengePassword_min		= 4
-challengePassword_max		= 20
-
-unstructuredName		= An optional company name
-
-[ usr_cert ]
-
-# These extensions are added when 'ca' signs a request.
-
-# This goes against PKIX guidelines but some CAs do it and some software
-# requires this to avoid interpreting an end user certificate as a CA.
-
-basicConstraints=CA:FALSE
-
-# Here are some examples of the usage of nsCertType. If it is omitted
-# the certificate can be used for anything *except* object signing.
-
-# This is OK for an SSL server.
-# nsCertType			= server
-
-# For an object signing certificate this would be used.
-# nsCertType = objsign
-
-# For normal client use this is typical
-# nsCertType = client, email
-
-# and for everything including object signing:
-# nsCertType = client, email, objsign
-
-# This is typical in keyUsage for a client certificate.
-# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-# This will be displayed in Netscape's comment listbox.
-nsComment			= "Easy-RSA Generated Certificate"
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-extendedKeyUsage=clientAuth
-keyUsage = digitalSignature
-
-
-# This stuff is for subjectAltName and issuerAltname.
-# Import the email address.
-# subjectAltName=email:copy
-
-# Copy subject details
-# issuerAltName=issuer:copy
-
-#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
-#nsBaseUrl
-#nsRevocationUrl
-#nsRenewalUrl
-#nsCaPolicyUrl
-#nsSslServerName
-
-[ server ]
-
-# JY ADDED -- Make a cert with nsCertType set to "server"
-basicConstraints=CA:FALSE
-nsCertType                     = server
-nsComment                      = "Easy-RSA Generated Server Certificate"
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-extendedKeyUsage=serverAuth
-keyUsage = digitalSignature, keyEncipherment
-
-[ v3_req ]
-
-# Extensions to add to a certificate request
-
-basicConstraints = CA:FALSE
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-[ v3_ca ]
-
-
-# Extensions for a typical CA
-
-
-# PKIX recommendation.
-
-subjectKeyIdentifier=hash
-
-authorityKeyIdentifier=keyid:always,issuer:always
-
-# This is what PKIX recommends but some broken software chokes on critical
-# extensions.
-#basicConstraints = critical,CA:true
-# So we do this instead.
-basicConstraints = CA:true
-
-# Key usage: this is typical for a CA certificate. However since it will
-# prevent it being used as an test self-signed certificate it is best
-# left out by default.
-# keyUsage = cRLSign, keyCertSign
-
-# Some might want this also
-# nsCertType = sslCA, emailCA
-
-# Include email address in subject alt name: another PKIX recommendation
-# subjectAltName=email:copy
-# Copy issuer details
-# issuerAltName=issuer:copy
-
-# DER hex encoding of an extension: beware experts only!
-# obj=DER:02:03
-# Where 'obj' is a standard or added object
-# You can even override a supported extension:
-# basicConstraints= critical, DER:30:03:01:01:FF
-
-[ crl_ext ]
-
-# CRL extensions.
-# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
-
-# issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always,issuer:always
-
-[ engine_section ]
-#
-# If you are using PKCS#11
-# Install engine_pkcs11 of opensc (www.opensc.org)
-# And uncomment the following
-# verify that dynamic_path points to the correct location
-#
-#pkcs11 = pkcs11_section
-
-[ pkcs11_section ]
-engine_id = pkcs11
-dynamic_path = /usr/lib/engines/engine_pkcs11.so
-MODULE_PATH = $ENV::PKCS11_MODULE_PATH
-PIN = $ENV::PKCS11_PIN
-init = 0
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/tmp/pkitool b/ANW-URB/openvpn/easy-rsa/2.0/tmp/pkitool
deleted file mode 100755
index 49588f5..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/tmp/pkitool
+++ /dev/null
@@ -1,379 +0,0 @@
-#!/bin/sh
-
-#  OpenVPN -- An application to securely tunnel IP networks
-#             over a single TCP/UDP port, with support for SSL/TLS-based
-#             session authentication and key exchange,
-#             packet encryption, packet authentication, and
-#             packet compression.
-#
-#  Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
-#
-#  This program is free software; you can redistribute it and/or modify
-#  it under the terms of the GNU General Public License version 2
-#  as published by the Free Software Foundation.
-#
-#  This program is distributed in the hope that it will be useful,
-#  but WITHOUT ANY WARRANTY; without even the implied warranty of
-#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-#  GNU General Public License for more details.
-#
-#  You should have received a copy of the GNU General Public License
-#  along with this program (see the file COPYING included with this
-#  distribution); if not, write to the Free Software Foundation, Inc.,
-#  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
-
-# pkitool is a front-end for the openssl tool.
-
-# Calling scripts can set the certificate organizational 
-# unit with the KEY_OU environmental variable. 
-
-# Calling scripts can also set the KEY_NAME environmental
-# variable to set the "name" X509 subject field.
-
-PROGNAME=pkitool
-VERSION=2.0
-DEBUG=0
-
-die()
-{
-    local m="$1"
-
-    echo "$m" >&2
-    exit 1
-}
-
-need_vars()
-{
-    echo '  Please edit the vars script to reflect your configuration,'
-    echo '  then source it with "source ./vars".'
-    echo '  Next, to start with a fresh PKI configuration and to delete any'
-    echo '  previous certificates and keys, run "./clean-all".'
-    echo "  Finally, you can run this tool ($PROGNAME) to build certificates/keys."
-}
-
-usage()
-{
-    echo "$PROGNAME $VERSION"
-    echo "Usage: $PROGNAME [options...] [common-name]"
-    echo "Options:"
-    echo "  --batch    : batch mode (default)"
-    echo "  --keysize  : Set keysize"
-    echo "      size   : size (default=1024)"
-    echo "  --interact : interactive mode"
-    echo "  --server   : build server cert"
-    echo "  --initca   : build root CA"
-    echo "  --inter    : build intermediate CA"
-    echo "  --pass     : encrypt private key with password"
-    echo "  --csr      : only generate a CSR, do not sign"
-    echo "  --sign     : sign an existing CSR"
-    echo "  --pkcs12   : generate a combined PKCS#12 file"
-    echo "  --pkcs11   : generate certificate on PKCS#11 token"
-    echo "      lib    : PKCS#11 library"
-    echo "      slot   : PKCS#11 slot"
-    echo "      id     : PKCS#11 object id (hex string)"
-    echo "      label  : PKCS#11 object label"
-    echo "Standalone options:"
-    echo "  --pkcs11-slots   : list PKCS#11 slots"
-    echo "      lib    : PKCS#11 library"
-    echo "  --pkcs11-objects : list PKCS#11 token objects"
-    echo "      lib    : PKCS#11 library"
-    echo "      slot   : PKCS#11 slot"
-    echo "  --pkcs11-init    : initialize PKCS#11 token DANGEROUS!!!"
-    echo "      lib    : PKCS#11 library"
-    echo "      slot   : PKCS#11 slot"
-    echo "      label  : PKCS#11 token label"
-    echo "Notes:"
-    need_vars
-    echo "  In order to use PKCS#11 interface you must have opensc-0.10.0 or higher."
-    echo "Generated files and corresponding OpenVPN directives:"
-    echo '(Files will be placed in the $KEY_DIR directory, defined in ./vars)'
-    echo "  ca.crt     -> root certificate (--ca)"
-    echo "  ca.key     -> root key, keep secure (not directly used by OpenVPN)"
-    echo "  .crt files -> client/server certificates (--cert)"
-    echo "  .key files -> private keys, keep secure (--key)"
-    echo "  .csr files -> certificate signing request (not directly used by OpenVPN)"
-    echo "  dh1024.pem or dh2048.pem -> Diffie Hellman parameters (--dh)"
-    echo "Examples:"
-    echo "  $PROGNAME --initca          -> Build root certificate"
-    echo "  $PROGNAME --initca --pass   -> Build root certificate with password-protected key"
-    echo "  $PROGNAME --server server1  -> Build \"server1\" certificate/key"
-    echo "  $PROGNAME client1           -> Build \"client1\" certificate/key"
-    echo "  $PROGNAME --pass client2    -> Build password-protected \"client2\" certificate/key"
-    echo "  $PROGNAME --pkcs12 client3  -> Build \"client3\" certificate/key in PKCS#12 format"
-    echo "  $PROGNAME --csr client4     -> Build \"client4\" CSR to be signed by another CA"
-    echo "  $PROGNAME --sign client4    -> Sign \"client4\" CSR"
-    echo "  $PROGNAME --inter interca   -> Build an intermediate key-signing certificate/key"
-    echo "                               Also see ./inherit-inter script."
-    echo "  $PROGNAME --pkcs11 /usr/lib/pkcs11/lib1 0 010203 \"client5 id\" client5"
-    echo "                              -> Build \"client5\" certificate/key in PKCS#11 token"
-    echo "Typical usage for initial PKI setup.  Build myserver, client1, and client2 cert/keys."
-    echo "Protect client2 key with a password.  Build DH parms.  Generated files in ./keys :"
-    echo "  [edit vars with your site-specific info]"
-    echo "  source ./vars"
-    echo "  ./clean-all"
-    echo "  ./build-dh     -> takes a long time, consider backgrounding"
-    echo "  ./$PROGNAME --initca"
-    echo "  ./$PROGNAME --server myserver"
-    echo "  ./$PROGNAME client1"
-    echo "  ./$PROGNAME --pass client2"
-    echo "Typical usage for adding client cert to existing PKI:"
-    echo "  source ./vars"
-    echo "  ./$PROGNAME client-new"
-}
-
-# Set tool defaults
-[ -n "$OPENSSL" ] || export OPENSSL="openssl"
-[ -n "$PKCS11TOOL" ] || export PKCS11TOOL="pkcs11-tool"
-[ -n "$GREP" ] || export GREP="grep"
-
-# Set defaults
-DO_REQ="1"
-REQ_EXT=""
-DO_CA="1"
-CA_EXT=""
-DO_P12="0"
-DO_P11="0"
-DO_ROOT="0"
-NODES_REQ="-nodes"
-NODES_P12=""
-BATCH="-batch"
-CA="ca"
-# must be set or errors of openssl.cnf
-PKCS11_MODULE_PATH="dummy"
-PKCS11_PIN="dummy"
-
-# Process options
-while [ $# -gt 0 ]; do
-    case "$1" in
-        --keysize  ) KEY_SIZE=$2
-		     shift;;
-	--server   ) REQ_EXT="$REQ_EXT -extensions server"
-	             CA_EXT="$CA_EXT -extensions server" ;;
-	--batch    ) BATCH="-batch" ;;
-	--interact ) BATCH="" ;;
-        --inter    ) CA_EXT="$CA_EXT -extensions v3_ca" ;;
-        --initca   ) DO_ROOT="1" ;;
-	--pass     ) NODES_REQ="" ;;
-        --csr      ) DO_CA="0" ;;
-        --sign     ) DO_REQ="0" ;;
-        --pkcs12   ) DO_P12="1" ;;
-	--pkcs11   ) DO_P11="1"
-	             PKCS11_MODULE_PATH="$2"
-		     PKCS11_SLOT="$3"
-		     PKCS11_ID="$4"
-		     PKCS11_LABEL="$5"
-		     shift 4;;
-
-	# standalone
-	--pkcs11-init)
-	             PKCS11_MODULE_PATH="$2"
-	             PKCS11_SLOT="$3"
-	             PKCS11_LABEL="$4"
-		     if [ -z "$PKCS11_LABEL" ]; then
-		       die "Please specify library name, slot and label"
-		     fi
-		     $PKCS11TOOL --module "$PKCS11_MODULE_PATH" --init-token --slot "$PKCS11_SLOT" \
-		     	--label "$PKCS11_LABEL" &&
-			$PKCS11TOOL --module "$PKCS11_MODULE_PATH" --init-pin --slot "$PKCS11_SLOT"
-		     exit $?;;
-	--pkcs11-slots)
-	             PKCS11_MODULE_PATH="$2"
-		     if [ -z "$PKCS11_MODULE_PATH" ]; then
-		       die "Please specify library name"
-		     fi
-		     $PKCS11TOOL --module "$PKCS11_MODULE_PATH" --list-slots
-		     exit 0;;
-	--pkcs11-objects)
-	             PKCS11_MODULE_PATH="$2"
-	             PKCS11_SLOT="$3"
-		     if [ -z "$PKCS11_SLOT" ]; then
-		       die "Please specify library name and slot"
-		     fi
-		     $PKCS11TOOL --module "$PKCS11_MODULE_PATH" --list-objects --login --slot "$PKCS11_SLOT"
-		     exit 0;;
-
-        --help|--usage)
-                    usage
-                    exit ;;
-        --version)
-                    echo "$PROGNAME $VERSION"
-                    exit ;;
-	# errors
-	--*        ) die "$PROGNAME: unknown option: $1" ;;
-	*          ) break ;;
-    esac
-    shift   
-done
-
-if ! [ -z "$BATCH" ]; then
-	if $OPENSSL version | grep 0.9.6 > /dev/null; then
-		die "Batch mode is unsupported in openssl<0.9.7"
-	fi
-fi
-
-if [ $DO_P12 -eq 1 -a $DO_P11 -eq 1 ]; then
-	die "PKCS#11 and PKCS#12 cannot be specified together"
-fi
-
-if [ $DO_P11 -eq 1 ]; then
-	if ! grep "^pkcs11.*=" "$KEY_CONFIG" > /dev/null; then
-		die "Please edit $KEY_CONFIG and setup PKCS#11 engine"
-	fi
-fi
-
-# If we are generating pkcs12, only encrypt the final step
-if [ $DO_P12 -eq 1 ]; then
-    NODES_P12="$NODES_REQ"
-    NODES_REQ="-nodes"
-fi
-
-if [ $DO_P11 -eq 1 ]; then
-	if [ -z "$PKCS11_LABEL" ]; then
-		die "PKCS#11 arguments incomplete"
-	fi
-fi
-
-# If undefined, set default key expiration intervals
-if [ -z "$KEY_EXPIRE" ]; then
-    KEY_EXPIRE=3650
-fi
-if [ -z "$CA_EXPIRE" ]; then
-    CA_EXPIRE=3650
-fi
-
-# Set organizational unit to empty string if undefined
-if [ -z "$KEY_OU" ]; then
-    KEY_OU=""
-fi
-
-# Set X509 Name string to empty string if undefined
-if [ -z "$KEY_NAME" ]; then
-    KEY_NAME=""
-fi
-
-# Set KEY_CN, FN
-if [ $DO_ROOT -eq 1 ]; then
-    if [ -z "$KEY_CN" ]; then
-	if [ "$1" ]; then
-	    KEY_CN="$1"
-	elif [ "$KEY_ORG" ]; then
-	    KEY_CN="$KEY_ORG CA"
-	fi
-    fi
-    if [ $BATCH ] && [ "$KEY_CN" ]; then
-	echo "Using CA Common Name:" "$KEY_CN"
-    fi
-    FN="$KEY_CN"
-elif [ $BATCH ] && [ "$KEY_CN" ]; then
-    echo "Using Common Name:" "$KEY_CN"
-    FN="$KEY_CN"
-    if [ "$1" ]; then
-	FN="$1"
-    fi
-else
-    if [ $# -ne 1 ]; then
-	usage
-	exit 1
-    else
-	KEY_CN="$1"
-    fi
-    FN="$KEY_CN"
-fi
-
-export CA_EXPIRE KEY_EXPIRE KEY_OU KEY_NAME KEY_CN PKCS11_MODULE_PATH PKCS11_PIN
-
-# Show parameters (debugging)
-if [ $DEBUG -eq 1 ]; then
-    echo DO_REQ $DO_REQ
-    echo REQ_EXT $REQ_EXT
-    echo DO_CA $DO_CA
-    echo CA_EXT $CA_EXT
-    echo NODES_REQ $NODES_REQ
-    echo NODES_P12 $NODES_P12
-    echo DO_P12 $DO_P12
-    echo KEY_CN $KEY_CN
-    echo BATCH $BATCH
-    echo DO_ROOT $DO_ROOT
-    echo KEY_EXPIRE $KEY_EXPIRE
-    echo CA_EXPIRE $CA_EXPIRE
-    echo KEY_OU $KEY_OU
-    echo KEY_NAME $KEY_NAME
-    echo DO_P11 $DO_P11
-    echo PKCS11_MODULE_PATH $PKCS11_MODULE_PATH
-    echo PKCS11_SLOT $PKCS11_SLOT
-    echo PKCS11_ID $PKCS11_ID
-    echo PKCS11_LABEL $PKCS11_LABEL
-fi
-
-# Make sure ./vars was sourced beforehand
-if [ -d "$KEY_DIR" ] && [ "$KEY_CONFIG" ]; then
-    cd "$KEY_DIR"
-
-    # Make sure $KEY_CONFIG points to the correct version
-    # of openssl.cnf
-    if $GREP -i 'easy-rsa version 2\.[0-9]' "$KEY_CONFIG" >/dev/null; then
-	:
-    else
-	echo "$PROGNAME: KEY_CONFIG (set by the ./vars script) is pointing to the wrong"
-        echo "version of openssl.cnf: $KEY_CONFIG"
-	echo "The correct version should have a comment that says: easy-rsa version 2.x";
-	exit 1;
-    fi
-
-    # Build root CA
-    if [ $DO_ROOT -eq 1 ]; then
-	$OPENSSL req $BATCH -days $CA_EXPIRE $NODES_REQ -new -newkey rsa:$KEY_SIZE -sha1 \
-	    -x509 -keyout "$CA.key" -out "$CA.crt" -config "$KEY_CONFIG" && \
-	    chmod 0600 "$CA.key"
-    else        
-        # Make sure CA key/cert is available
-	if [ $DO_CA -eq 1 ] || [ $DO_P12 -eq 1 ]; then
-	    if [ ! -r "$CA.crt" ] || [ ! -r "$CA.key" ]; then
-		echo "$PROGNAME: Need a readable $CA.crt and $CA.key in $KEY_DIR"
-		echo "Try $PROGNAME --initca to build a root certificate/key."
-		exit 1
-	    fi
-	fi
-
-	# Generate key for PKCS#11 token
-	PKCS11_ARGS=
-	if [ $DO_P11 -eq 1 ]; then
-	        stty -echo
-	        echo -n "User PIN: "
-	        read -r PKCS11_PIN
-	        stty echo
-		export PKCS11_PIN
-
-		echo "Generating key pair on PKCS#11 token..."
-		$PKCS11TOOL --module "$PKCS11_MODULE_PATH" --keypairgen \
-			--login --pin "$PKCS11_PIN" \
-			--key-type rsa:1024 \
-			--slot "$PKCS11_SLOT" --id "$PKCS11_ID" --label "$PKCS11_LABEL" || exit 1
-		PKCS11_ARGS="-engine pkcs11 -keyform engine -key $PKCS11_SLOT:$PKCS11_ID"
-	fi
-
-        # Build cert/key
-	( [ $DO_REQ -eq 0 ] || $OPENSSL req $BATCH -days $KEY_EXPIRE $NODES_REQ -new -newkey rsa:$KEY_SIZE \
-	        -keyout "$FN.key" -out "$FN.csr" $REQ_EXT -config "$KEY_CONFIG" $PKCS11_ARGS ) && \
-	    ( [ $DO_CA -eq 0 ]  || $OPENSSL ca $BATCH -days $KEY_EXPIRE -out "$FN.crt" \
-	        -in "$FN.csr" $CA_EXT -md sha1 -config "$KEY_CONFIG" ) && \
-	    ( [ $DO_P12 -eq 0 ] || $OPENSSL pkcs12 -export -inkey "$FN.key" \
-	        -in "$FN.crt" -certfile "$CA.crt" -out "$FN.p12" $NODES_P12 ) && \
-	    ( [ $DO_CA -eq 0 -o $DO_P11 -eq 1 ]  || chmod 0600 "$FN.key" ) && \
-	    ( [ $DO_P12 -eq 0 ] || chmod 0600 "$FN.p12" )
-
-	# Load certificate into PKCS#11 token
-	if [ $DO_P11 -eq 1 ]; then
-		$OPENSSL x509 -in "$FN.crt" -inform PEM -out "$FN.crt.der" -outform DER && \
-		  $PKCS11TOOL --module "$PKCS11_MODULE_PATH" --write-object "$FN.crt.der" --type cert \
-			--login --pin "$PKCS11_PIN" \
-			--slot "$PKCS11_SLOT" --id "$PKCS11_ID" --label "$PKCS11_LABEL" 
-		[ -e "$FN.crt.der" ]; rm "$FN.crt.der"
-	fi
-
-    fi
-
-# Need definitions
-else
-    need_vars
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/tmp/revoke-full b/ANW-URB/openvpn/easy-rsa/2.0/tmp/revoke-full
deleted file mode 100755
index 4169c4c..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/tmp/revoke-full
+++ /dev/null
@@ -1,40 +0,0 @@
-#!/bin/sh
-
-# revoke a certificate, regenerate CRL,
-# and verify revocation
-
-CRL="crl.pem"
-RT="revoke-test.pem"
-
-if [ $# -ne 1 ]; then
-    echo "usage: revoke-full <cert-name-base>";
-    exit 1
-fi
-
-if [ "$KEY_DIR" ]; then
-    cd "$KEY_DIR"
-    rm -f "$RT"
-
-    # set defaults
-    export KEY_CN=""
-    export KEY_OU=""
-    export KEY_NAME=""
-
-    # revoke key and generate a new CRL
-    $OPENSSL ca -revoke "$1.crt" -config "$KEY_CONFIG"
-
-    # generate a new CRL -- try to be compatible with
-    # intermediate PKIs
-    $OPENSSL ca -gencrl -out "$CRL" -config "$KEY_CONFIG"
-    if [ -e export-ca.crt ]; then
-	cat export-ca.crt "$CRL" >"$RT"
-    else
-	cat ca.crt "$CRL" >"$RT"
-    fi
-    
-    # verify the revocation
-    $OPENSSL verify -CAfile "$RT" -crl_check "$1.crt"
-else
-    echo 'Please source the vars script first (i.e. "source ./vars")'
-    echo 'Make sure you have edited it to reflect your configuration.'
-fi
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/tmp/sign-req b/ANW-URB/openvpn/easy-rsa/2.0/tmp/sign-req
deleted file mode 100755
index 6cae7b4..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/tmp/sign-req
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-# Sign a certificate signing request (a .csr file)
-# with a local root certificate and key.
-
-export EASY_RSA="${EASY_RSA:-.}"
-"$EASY_RSA/pkitool" --interact --sign $*
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/tmp/vars b/ANW-URB/openvpn/easy-rsa/2.0/tmp/vars
deleted file mode 100644
index 2ea1ced..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/tmp/vars
+++ /dev/null
@@ -1,74 +0,0 @@
-# easy-rsa parameter settings
-
-# NOTE: If you installed from an RPM,
-# don't edit this file in place in
-# /usr/share/openvpn/easy-rsa --
-# instead, you should copy the whole
-# easy-rsa directory to another location
-# (such as /etc/openvpn) so that your
-# edits will not be wiped out by a future
-# OpenVPN package upgrade.
-
-# This variable should point to
-# the top level of the easy-rsa
-# tree.
-export EASY_RSA="`pwd`"
-
-#
-# This variable should point to
-# the requested executables
-#
-export OPENSSL="openssl"
-export PKCS11TOOL="pkcs11-tool"
-export GREP="grep"
-
-
-# This variable should point to
-# the openssl.cnf file included
-# with easy-rsa.
-export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
-
-# Edit this variable to point to
-# your soon-to-be-created key
-# directory.
-#
-# WARNING: clean-all will do
-# a rm -rf on this directory
-# so make sure you define
-# it correctly!
-export KEY_DIR="$EASY_RSA/keys"
-
-# Issue rm -rf warning
-echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
-
-# PKCS11 fixes
-export PKCS11_MODULE_PATH="dummy"
-export PKCS11_PIN="dummy"
-
-# Increase this to 2048 if you
-# are paranoid.  This will slow
-# down TLS negotiation performance
-# as well as the one-time DH parms
-# generation process.
-export KEY_SIZE=1024
-
-# In how many days should the root CA key expire?
-export CA_EXPIRE=3650
-
-# In how many days should certificates expire?
-export KEY_EXPIRE=3650
-
-# These are the default values for fields
-# which will be placed in the certificate.
-# Don't leave any of these fields blank.
-export KEY_COUNTRY="US"
-export KEY_PROVINCE="CA"
-export KEY_CITY="SanFrancisco"
-export KEY_ORG="Fort-Funston"
-export KEY_EMAIL="me@myhost.mydomain"
-export KEY_EMAIL=mail@host.domain
-export KEY_CN=changeme
-export KEY_NAME=changeme
-export KEY_OU=changeme
-export PKCS11_MODULE_PATH=changeme
-export PKCS11_PIN=1234
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/tmp/whichopensslcnf b/ANW-URB/openvpn/easy-rsa/2.0/tmp/whichopensslcnf
deleted file mode 100755
index 94225cb..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/tmp/whichopensslcnf
+++ /dev/null
@@ -1,23 +0,0 @@
-#!/bin/sh
-
-cnf="$1/openssl.cnf"
-if [ "$OPENSSL" ]; then
-	if $OPENSSL version | grep 0.9.6 > /dev/null; then
-		cnf="$1/openssl-0.9.6.cnf"
-	elif $OPENSSL version | grep -E "1\.0\.([[:digit:]][[:alnum:]])" > /dev/null; then
-                cnf="$1/openssl-1.0.0.cnf"
-	else
-		cnf="$1/openssl.cnf"
-	fi
-fi
-
-echo $cnf
-
-if [ ! -r $cnf ]; then
-    echo "**************************************************************" >&2
-    echo "  No $cnf file could be found" >&2
-    echo "  Further invocations will fail" >&2
-    echo "**************************************************************" >&2
-fi 
-
-exit 0
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/vars b/ANW-URB/openvpn/easy-rsa/2.0/vars
deleted file mode 100644
index 68b5f30..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/vars
+++ /dev/null
@@ -1,86 +0,0 @@
-# easy-rsa parameter settings
-
-# NOTE: If you installed from an RPM,
-# don't edit this file in place in
-# /usr/share/openvpn/easy-rsa --
-# instead, you should copy the whole
-# easy-rsa directory to another location
-# (such as /etc/openvpn) so that your
-# edits will not be wiped out by a future
-# OpenVPN package upgrade.
-
-# This variable should point to
-# the top level of the easy-rsa
-# tree.
-##export EASY_RSA="`pwd`"
-BASE_DIR=/etc/openvpn
-export EASY_RSA="${BASE_DIR}/easy-rsa/2.0"
-
-#
-# This variable should point to
-# the requested executables
-#
-export OPENSSL="openssl"
-export PKCS11TOOL="pkcs11-tool"
-export GREP="grep"
-
-
-# This variable should point to
-# the openssl.cnf file included
-# with easy-rsa.
-export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
-
-# Edit this variable to point to
-# your soon-to-be-created key
-# directory.
-#
-# WARNING: clean-all will do
-# a rm -rf on this directory
-# so make sure you define
-# it correctly!
-##export KEY_DIR="$EASY_RSA/keys"
-export KEY_DIR="${BASE_DIR}/keys"
-
-# Issue rm -rf warning
-echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
-
-# PKCS11 fixes
-export PKCS11_MODULE_PATH="dummy"
-export PKCS11_PIN="dummy"
-
-# Increase this to 2048 if you
-# are paranoid.  This will slow
-# down TLS negotiation performance
-# as well as the one-time DH parms
-# generation process.
-export KEY_SIZE=1024
-
-# In how many days should the root CA key expire?
-export CA_EXPIRE=3650
-
-# In how many days should certificates expire?
-export KEY_EXPIRE=3650
-
-# These are the default values for fields
-# which will be placed in the certificate.
-# Don't leave any of these fields blank.
-##export KEY_COUNTRY="US"
-##export KEY_PROVINCE="CA"
-##export KEY_CITY="SanFrancisco"
-##export KEY_ORG="Fort-Funston"
-##export KEY_EMAIL="me@myhost.mydomain"
-##export KEY_EMAIL=mail@host.domain
-export KEY_CN=changeme
-export KEY_NAME=changeme
-##export KEY_OU=changeme
-export PKCS11_MODULE_PATH=changeme
-export PKCS11_PIN=1234
-
-export KEY_COUNTRY=DE
-export KEY_PROVINCE=Berlin
-export KEY_CITY=Berlin
-export KEY_ORG="o.open"
-export KEY_OU="Netzwerk Services"
-export KEY_EMAIL="argus@oopen.de"
-
-
diff --git a/ANW-URB/openvpn/easy-rsa/2.0/whichopensslcnf b/ANW-URB/openvpn/easy-rsa/2.0/whichopensslcnf
deleted file mode 100755
index 2226a8e..0000000
--- a/ANW-URB/openvpn/easy-rsa/2.0/whichopensslcnf
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/sh
-
-cnf="$1/openssl.cnf"
-
-if [ "$OPENSSL" ]; then
-	if $OPENSSL version | grep -E "0\.9\.6[[:alnum:]]" > /dev/null; then
-		cnf="$1/openssl-0.9.6.cnf"
-	elif $OPENSSL version | grep -E "0\.9\.8[[:alnum:]]" > /dev/null; then
-		cnf="$1/openssl-0.9.8.cnf"
-	elif $OPENSSL version | grep -E "1\.0\.([[:digit:]][[:alnum:]])" > /dev/null; then
-                cnf="$1/openssl-1.0.0.cnf"
-	else
-		cnf="$1/openssl.cnf"
-	fi
-fi
-
-echo $cnf
-
-if [ ! -r $cnf ]; then
-    echo "**************************************************************" >&2
-    echo "  No $cnf file could be found" >&2
-    echo "  Further invocations will fail" >&2
-    echo "**************************************************************" >&2
-fi
-
-exit 0
diff --git a/ANW-URB/openvpn/ipaddresses.txt b/ANW-URB/openvpn/ipaddresses.txt
deleted file mode 100644
index ba916f0..0000000
--- a/ANW-URB/openvpn/ipaddresses.txt
+++ /dev/null
@@ -1,7 +0,0 @@
-10.0.63.1   openvpn server
-10.0.63.2   -- chris --
-10.0.63.3   -- frei --
-10.0.63.4   -- frei --
-10.0.63.5   undine
-10.0.63.6   -- frei --
-
diff --git a/ANW-URB/openvpn/ipp.txt b/ANW-URB/openvpn/ipp.txt
deleted file mode 100644
index e69de29..0000000
diff --git a/ANW-URB/openvpn/keys/01.pem b/ANW-URB/openvpn/keys/01.pem
deleted file mode 100644
index b8a81df..0000000
--- a/ANW-URB/openvpn/keys/01.pem
+++ /dev/null
@@ -1,70 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 1 (0x1)
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=network services, CN=ANW-Urban-VPN/emailAddress=argus@oopen.de
-        Validity
-            Not Before: Jul  1 23:13:53 2008 GMT
-            Not After : Jun 29 23:13:53 2018 GMT
-        Subject: C=DE, ST=Berlin, O=o.open, OU=network services, CN=ANW-Urban-VPN-server/emailAddress=argus@oopen.de
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:d0:5b:9b:21:03:ec:db:17:cf:35:f5:5b:de:6b:
-                    a9:1a:69:cc:09:c8:6e:a2:4a:36:66:10:9b:00:2c:
-                    1a:bd:59:6f:0f:b8:35:22:8e:8e:b0:e4:07:94:6c:
-                    cd:7b:35:6a:3e:36:ff:28:eb:2a:78:3a:06:69:82:
-                    90:3f:8d:c9:7b:5b:b7:1d:f6:df:c0:65:ea:da:50:
-                    f9:6b:94:b2:94:89:5f:3c:75:a2:13:9c:37:6c:11:
-                    7f:c8:88:e6:73:3d:67:6e:27:98:33:82:ee:76:35:
-                    a6:f2:b5:f7:5f:a2:f2:b9:c7:90:e2:b1:d2:20:c6:
-                    ee:45:a0:34:27:a3:a8:d3:f1
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            Netscape Cert Type: 
-                SSL Server
-            Netscape Comment: 
-                OpenSSL Generated Server Certificate
-            X509v3 Subject Key Identifier: 
-                38:93:19:84:8B:74:C0:F1:0C:C9:19:EF:68:80:99:CE:07:FD:97:07
-            X509v3 Authority Key Identifier: 
-                keyid:D8:DF:4E:1D:32:12:1B:71:A6:34:C3:F0:FE:25:1A:62:FE:57:11:67
-                DirName:/C=DE/ST=Berlin/L=Berlin/O=o.open/OU=network services/CN=ANW-Urban-VPN/emailAddress=argus@oopen.de
-                serial:97:D2:DD:71:C9:58:DF:7F
-
-    Signature Algorithm: md5WithRSAEncryption
-        2c:ee:2e:ff:76:a8:c1:37:71:19:f8:7c:86:68:56:55:03:18:
-        48:94:7b:3b:ad:6e:30:16:7d:ef:14:15:94:5b:48:7d:78:2b:
-        04:66:38:c9:1a:64:7b:df:aa:ab:95:24:9c:3f:53:3c:3c:03:
-        c1:21:4a:00:18:d7:db:6d:45:79:ea:cf:5e:2f:bf:a2:8f:b6:
-        33:45:02:a7:86:e7:17:35:72:30:ba:01:07:e1:16:57:8f:ca:
-        00:5d:7d:27:39:27:e3:25:d2:06:37:52:d4:41:9c:92:1e:05:
-        09:8b:4e:06:d8:9c:0e:6e:1b:5b:1c:cb:f4:99:a6:5d:c5:7d:
-        d5:94
------BEGIN CERTIFICATE-----
-MIID1DCCAz2gAwIBAgIBATANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCREUx
-DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
-ZW4xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxFjAUBgNVBAMTDUFOVy1VcmJh
-bi1WUE4xHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlMB4XDTA4MDcwMTIz
-MTM1M1oXDTE4MDYyOTIzMTM1M1owgYgxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZC
-ZXJsaW4xDzANBgNVBAoTBm8ub3BlbjEZMBcGA1UECxMQbmV0d29yayBzZXJ2aWNl
-czEdMBsGA1UEAxMUQU5XLVVyYmFuLVZQTi1zZXJ2ZXIxHTAbBgkqhkiG9w0BCQEW
-DmFyZ3VzQG9vcGVuLmRlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQW5sh
-A+zbF8819Vvea6kaacwJyG6iSjZmEJsALBq9WW8PuDUijo6w5AeUbM17NWo+Nv8o
-6yp4OgZpgpA/jcl7W7cd9t/AZeraUPlrlLKUiV88daITnDdsEX/IiOZzPWduJ5gz
-gu52NabytfdfovK5x5DisdIgxu5FoDQno6jT8QIDAQABo4IBQDCCATwwCQYDVR0T
-BAIwADARBglghkgBhvhCAQEEBAMCBkAwMwYJYIZIAYb4QgENBCYWJE9wZW5TU0wg
-R2VuZXJhdGVkIFNlcnZlciBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUOJMZhIt0wPEM
-yRnvaICZzgf9lwcwgccGA1UdIwSBvzCBvIAU2N9OHTISG3GmNMPw/iUaYv5XEWeh
-gZikgZUwgZIxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcT
-BkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkwFwYDVQQLExBuZXR3b3JrIHNlcnZp
-Y2VzMRYwFAYDVQQDEw1BTlctVXJiYW4tVlBOMR0wGwYJKoZIhvcNAQkBFg5hcmd1
-c0Bvb3Blbi5kZYIJAJfS3XHJWN9/MA0GCSqGSIb3DQEBBAUAA4GBACzuLv92qME3
-cRn4fIZoVlUDGEiUezutbjAWfe8UFZRbSH14KwRmOMkaZHvfqquVJJw/Uzw8A8Eh
-SgAY19ttRXnqz14vv6KPtjNFAqeG5xc1cjC6AQfhFlePygBdfSc5J+Ml0gY3UtRB
-nJIeBQmLTgbYnA5uG1scy/SZpl3FfdWU
------END CERTIFICATE-----
diff --git a/ANW-URB/openvpn/keys/02.pem b/ANW-URB/openvpn/keys/02.pem
deleted file mode 100644
index 99e2b13..0000000
--- a/ANW-URB/openvpn/keys/02.pem
+++ /dev/null
@@ -1,67 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 2 (0x2)
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=network services, CN=ANW-Urban-VPN/emailAddress=argus@oopen.de
-        Validity
-            Not Before: Jul  1 23:15:58 2008 GMT
-            Not After : Jun 29 23:15:58 2018 GMT
-        Subject: C=DE, ST=Berlin, O=o.open, OU=network services, CN=ANW-Urban-VPN-undine/emailAddress=argus@oopen.de
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:c8:62:7d:b2:40:a2:db:94:db:5a:e6:21:70:a5:
-                    c9:a6:9e:72:5e:ec:a3:6e:ff:94:f1:cc:86:20:0f:
-                    73:f5:0d:12:9a:f8:3a:8a:9c:d9:71:fc:37:e3:bf:
-                    5b:c6:a3:70:b6:c8:c9:37:a4:b1:74:91:77:f2:6e:
-                    33:bf:fd:76:89:ee:34:f8:2b:3b:e9:02:03:c3:70:
-                    56:6d:f7:7a:e6:a6:9a:85:5d:c4:5f:27:90:2c:f4:
-                    b9:64:86:f4:75:c4:8e:02:04:18:6d:5a:9d:e7:64:
-                    fd:5e:af:7f:24:f7:a4:2b:f0:03:41:0f:3c:fb:26:
-                    38:66:34:8b:d7:9e:1f:0b:a5
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            Netscape Comment: 
-                OpenSSL Generated Certificate
-            X509v3 Subject Key Identifier: 
-                C8:0A:A1:82:F7:2E:F1:96:D2:2C:61:D9:B2:09:0C:6E:FF:08:DB:78
-            X509v3 Authority Key Identifier: 
-                keyid:D8:DF:4E:1D:32:12:1B:71:A6:34:C3:F0:FE:25:1A:62:FE:57:11:67
-                DirName:/C=DE/ST=Berlin/L=Berlin/O=o.open/OU=network services/CN=ANW-Urban-VPN/emailAddress=argus@oopen.de
-                serial:97:D2:DD:71:C9:58:DF:7F
-
-    Signature Algorithm: md5WithRSAEncryption
-        50:0e:8c:69:68:3a:4f:80:85:62:1f:d9:17:c1:af:f0:12:e3:
-        12:b8:63:52:d8:b6:bb:34:e2:c5:bc:88:a5:a0:eb:fd:1f:62:
-        32:6c:da:d7:c4:1d:75:e7:97:4f:92:d6:9c:a4:24:5f:f4:4c:
-        22:ce:87:3f:6a:d8:2f:90:2c:56:b5:91:ec:6a:bb:af:95:3d:
-        84:64:01:8b:9f:64:55:80:e1:2c:08:de:1f:d6:3d:d8:25:84:
-        fd:80:36:fc:b9:cf:ee:83:31:97:0f:72:2d:8e:a5:a7:0f:90:
-        0c:c6:5f:fb:75:a2:ca:75:81:ca:78:a1:9e:92:4a:72:a5:54:
-        b5:78
------BEGIN CERTIFICATE-----
-MIIDujCCAyOgAwIBAgIBAjANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCREUx
-DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
-ZW4xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxFjAUBgNVBAMTDUFOVy1VcmJh
-bi1WUE4xHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlMB4XDTA4MDcwMTIz
-MTU1OFoXDTE4MDYyOTIzMTU1OFowgYgxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZC
-ZXJsaW4xDzANBgNVBAoTBm8ub3BlbjEZMBcGA1UECxMQbmV0d29yayBzZXJ2aWNl
-czEdMBsGA1UEAxMUQU5XLVVyYmFuLVZQTi11bmRpbmUxHTAbBgkqhkiG9w0BCQEW
-DmFyZ3VzQG9vcGVuLmRlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIYn2y
-QKLblNta5iFwpcmmnnJe7KNu/5TxzIYgD3P1DRKa+DqKnNlx/Dfjv1vGo3C2yMk3
-pLF0kXfybjO//XaJ7jT4KzvpAgPDcFZt93rmppqFXcRfJ5As9LlkhvR1xI4CBBht
-Wp3nZP1er38k96Qr8ANBDzz7JjhmNIvXnh8LpQIDAQABo4IBJjCCASIwCQYDVR0T
-BAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNh
-dGUwHQYDVR0OBBYEFMgKoYL3LvGW0ixh2bIJDG7/CNt4MIHHBgNVHSMEgb8wgbyA
-FNjfTh0yEhtxpjTD8P4lGmL+VxFnoYGYpIGVMIGSMQswCQYDVQQGEwJERTEPMA0G
-A1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBm8ub3BlbjEZ
-MBcGA1UECxMQbmV0d29yayBzZXJ2aWNlczEWMBQGA1UEAxMNQU5XLVVyYmFuLVZQ
-TjEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGWCCQCX0t1xyVjffzANBgkq
-hkiG9w0BAQQFAAOBgQBQDoxpaDpPgIViH9kXwa/wEuMSuGNS2La7NOLFvIiloOv9
-H2IybNrXxB1155dPktacpCRf9Ewizoc/atgvkCxWtZHsaruvlT2EZAGLn2RVgOEs
-CN4f1j3YJYT9gDb8uc/ugzGXD3ItjqWnD5AMxl/7daLKdYHKeKGekkpypVS1eA==
------END CERTIFICATE-----
diff --git a/ANW-URB/openvpn/keys/03.pem b/ANW-URB/openvpn/keys/03.pem
deleted file mode 100644
index 826840e..0000000
--- a/ANW-URB/openvpn/keys/03.pem
+++ /dev/null
@@ -1,67 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 3 (0x3)
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=network services, CN=ANW-Urban-VPN/emailAddress=argus@oopen.de
-        Validity
-            Not Before: Jul  1 23:17:00 2008 GMT
-            Not After : Jun 29 23:17:00 2018 GMT
-        Subject: C=DE, ST=Berlin, O=o.open, OU=network services, CN=ANW-Urban-VPN-chris/emailAddress=argus@oopen.de
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:e9:62:11:b8:ec:c5:0d:8a:33:18:ab:67:f8:19:
-                    bc:aa:5e:d4:65:07:2a:6c:bf:02:8e:69:b4:9f:06:
-                    51:b0:b8:ad:6d:0b:a8:69:63:eb:e1:f6:63:1b:36:
-                    ea:c2:46:fa:00:63:88:c5:b9:ab:8a:40:59:79:43:
-                    9e:0e:0d:2a:e8:8b:8e:dc:8c:4f:1d:49:c6:42:ab:
-                    46:ad:8b:9f:de:10:19:b0:db:a3:e6:f1:bc:0a:0e:
-                    64:bb:17:f9:08:91:87:ef:5c:60:27:b7:d5:f9:65:
-                    6e:43:c7:df:7f:20:2e:14:7f:dc:e5:8b:1f:01:53:
-                    fc:09:57:43:c6:21:90:3b:d5
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            Netscape Comment: 
-                OpenSSL Generated Certificate
-            X509v3 Subject Key Identifier: 
-                97:35:1E:8C:65:D7:C1:65:C1:D7:68:66:6F:BB:C9:82:A3:18:14:EE
-            X509v3 Authority Key Identifier: 
-                keyid:D8:DF:4E:1D:32:12:1B:71:A6:34:C3:F0:FE:25:1A:62:FE:57:11:67
-                DirName:/C=DE/ST=Berlin/L=Berlin/O=o.open/OU=network services/CN=ANW-Urban-VPN/emailAddress=argus@oopen.de
-                serial:97:D2:DD:71:C9:58:DF:7F
-
-    Signature Algorithm: md5WithRSAEncryption
-        1e:37:9a:a6:dd:39:43:87:a0:a9:d4:4c:0e:d9:5e:f6:43:0a:
-        6e:2a:e8:5d:06:76:c8:4c:6c:ef:dc:21:22:4f:59:aa:4d:6f:
-        21:3f:e5:3d:d5:7f:df:14:84:04:1d:78:0b:12:d2:00:89:09:
-        75:6a:55:f6:a5:0a:9f:47:56:49:53:98:38:23:94:4b:cf:5b:
-        57:1c:21:e0:f2:fb:4a:78:63:ad:fd:e4:1c:57:1c:ed:1d:45:
-        ae:85:6f:8a:9f:0f:1f:ea:34:ad:42:b4:18:77:dd:9f:86:9f:
-        48:28:0f:22:cc:c3:42:2b:7a:9f:f3:d2:ee:c3:20:7b:fa:d4:
-        a9:85
------BEGIN CERTIFICATE-----
-MIIDuTCCAyKgAwIBAgIBAzANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCREUx
-DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
-ZW4xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxFjAUBgNVBAMTDUFOVy1VcmJh
-bi1WUE4xHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlMB4XDTA4MDcwMTIz
-MTcwMFoXDTE4MDYyOTIzMTcwMFowgYcxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZC
-ZXJsaW4xDzANBgNVBAoTBm8ub3BlbjEZMBcGA1UECxMQbmV0d29yayBzZXJ2aWNl
-czEcMBoGA1UEAxMTQU5XLVVyYmFuLVZQTi1jaHJpczEdMBsGCSqGSIb3DQEJARYO
-YXJndXNAb29wZW4uZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOliEbjs
-xQ2KMxirZ/gZvKpe1GUHKmy/Ao5ptJ8GUbC4rW0LqGlj6+H2Yxs26sJG+gBjiMW5
-q4pAWXlDng4NKuiLjtyMTx1JxkKrRq2Ln94QGbDbo+bxvAoOZLsX+QiRh+9cYCe3
-1fllbkPH338gLhR/3OWLHwFT/AlXQ8YhkDvVAgMBAAGjggEmMIIBIjAJBgNVHRME
-AjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0
-ZTAdBgNVHQ4EFgQUlzUejGXXwWXB12hmb7vJgqMYFO4wgccGA1UdIwSBvzCBvIAU
-2N9OHTISG3GmNMPw/iUaYv5XEWehgZikgZUwgZIxCzAJBgNVBAYTAkRFMQ8wDQYD
-VQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkw
-FwYDVQQLExBuZXR3b3JrIHNlcnZpY2VzMRYwFAYDVQQDEw1BTlctVXJiYW4tVlBO
-MR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bvb3Blbi5kZYIJAJfS3XHJWN9/MA0GCSqG
-SIb3DQEBBAUAA4GBAB43mqbdOUOHoKnUTA7ZXvZDCm4q6F0GdshMbO/cISJPWapN
-byE/5T3Vf98UhAQdeAsS0gCJCXVqVfalCp9HVklTmDgjlEvPW1ccIeDy+0p4Y639
-5BxXHO0dRa6Fb4qfDx/qNK1CtBh33Z+Gn0goDyLMw0Irep/z0u7DIHv61KmF
------END CERTIFICATE-----
diff --git a/ANW-URB/openvpn/keys/04.pem b/ANW-URB/openvpn/keys/04.pem
deleted file mode 100644
index 5320c64..0000000
--- a/ANW-URB/openvpn/keys/04.pem
+++ /dev/null
@@ -1,73 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 4 (0x4)
-    Signature Algorithm: sha1WithRSAEncryption
-        Issuer: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=network services, CN=ANW-Urban-VPN/emailAddress=argus@oopen.de
-        Validity
-            Not Before: Sep 18 00:00:05 2013 GMT
-            Not After : Sep 16 00:00:05 2023 GMT
-        Subject: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=Netzwerk Services, CN=ANW-URB-VPN-gw-ckubu/name=Christoph Kuchenbuch/emailAddress=argus@oopen.de
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (1024 bit)
-                Modulus:
-                    00:d7:02:6c:3b:15:f3:97:28:c0:5e:8d:24:ac:9a:
-                    9f:cd:11:f6:9d:5e:a5:5f:5d:3d:42:a5:de:b0:35:
-                    b5:d7:b1:e0:e0:f8:f3:29:53:7f:33:78:18:92:67:
-                    1c:aa:f9:16:48:5b:19:d3:cb:8d:d4:fe:1b:84:d9:
-                    e2:89:1a:85:5c:0b:93:c3:9d:6d:a8:4e:72:65:84:
-                    16:d6:02:6c:b0:0d:00:46:e3:06:15:54:bc:a8:84:
-                    80:f1:a9:93:b0:7a:a3:57:31:3a:9b:aa:29:9b:39:
-                    34:e2:64:df:4c:d5:3c:6c:c5:1c:3a:4b:26:ee:5e:
-                    58:e9:29:9b:42:ce:ef:90:5b
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            Netscape Comment: 
-                Easy-RSA Generated Certificate
-            X509v3 Subject Key Identifier: 
-                5C:5B:7D:20:D6:16:C4:CD:E8:D8:F9:FF:86:B5:ED:8C:83:CF:90:C5
-            X509v3 Authority Key Identifier: 
-                keyid:D8:DF:4E:1D:32:12:1B:71:A6:34:C3:F0:FE:25:1A:62:FE:57:11:67
-                DirName:/C=DE/ST=Berlin/L=Berlin/O=o.open/OU=network services/CN=ANW-Urban-VPN/emailAddress=argus@oopen.de
-                serial:97:D2:DD:71:C9:58:DF:7F
-
-            X509v3 Extended Key Usage: 
-                TLS Web Client Authentication
-            X509v3 Key Usage: 
-                Digital Signature
-    Signature Algorithm: sha1WithRSAEncryption
-         c3:95:2b:e3:f8:62:d2:5e:b8:02:bc:a9:11:f8:bb:f5:0a:04:
-         fe:a3:68:e7:c1:97:f0:44:77:c7:54:98:4a:dd:b9:df:76:4b:
-         2c:d5:4c:a1:9e:e6:da:5f:d0:e4:73:c1:63:6e:29:ef:3c:79:
-         82:0e:f1:59:ca:8d:41:aa:22:42:e6:e2:88:ba:00:91:b1:f6:
-         f5:15:03:db:72:ab:39:01:c7:ee:19:25:c1:fd:ff:5d:30:b2:
-         ff:76:70:e9:3b:4f:88:af:14:68:8b:63:e2:a6:9c:e6:05:0e:
-         eb:b9:9f:3d:04:2e:9f:34:c1:14:53:69:3e:5a:c3:2e:ab:8e:
-         12:72
------BEGIN CERTIFICATE-----
-MIIEDjCCA3egAwIBAgIBBDANBgkqhkiG9w0BAQUFADCBkjELMAkGA1UEBhMCREUx
-DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
-ZW4xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxFjAUBgNVBAMTDUFOVy1VcmJh
-bi1WUE4xHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlMB4XDTEzMDkxODAw
-MDAwNVoXDTIzMDkxNjAwMDAwNVowgbkxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZC
-ZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRowGAYDVQQL
-ExFOZXR6d2VyayBTZXJ2aWNlczEdMBsGA1UEAxMUQU5XLVVSQi1WUE4tZ3ctY2t1
-YnUxHTAbBgNVBCkTFENocmlzdG9waCBLdWNoZW5idWNoMR0wGwYJKoZIhvcNAQkB
-Fg5hcmd1c0Bvb3Blbi5kZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1wJs
-OxXzlyjAXo0krJqfzRH2nV6lX109QqXesDW117Hg4PjzKVN/M3gYkmccqvkWSFsZ
-08uN1P4bhNniiRqFXAuTw51tqE5yZYQW1gJssA0ARuMGFVS8qISA8amTsHqjVzE6
-m6opmzk04mTfTNU8bMUcOksm7l5Y6SmbQs7vkFsCAwEAAaOCAUkwggFFMAkGA1Ud
-EwQCMAAwLQYJYIZIAYb4QgENBCAWHkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZp
-Y2F0ZTAdBgNVHQ4EFgQUXFt9INYWxM3o2Pn/hrXtjIPPkMUwgccGA1UdIwSBvzCB
-vIAU2N9OHTISG3GmNMPw/iUaYv5XEWehgZikgZUwgZIxCzAJBgNVBAYTAkRFMQ8w
-DQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVu
-MRkwFwYDVQQLExBuZXR3b3JrIHNlcnZpY2VzMRYwFAYDVQQDEw1BTlctVXJiYW4t
-VlBOMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bvb3Blbi5kZYIJAJfS3XHJWN9/MBMG
-A1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDANBgkqhkiG9w0BAQUFAAOB
-gQDDlSvj+GLSXrgCvKkR+Lv1CgT+o2jnwZfwRHfHVJhK3bnfdkss1UyhnubaX9Dk
-c8FjbinvPHmCDvFZyo1BqiJC5uKIugCRsfb1FQPbcqs5AcfuGSXB/f9dMLL/dnDp
-O0+IrxRoi2PippzmBQ7ruZ89BC6fNMEUU2k+WsMuq44Scg==
------END CERTIFICATE-----
diff --git a/ANW-URB/openvpn/keys/ca.crt b/ANW-URB/openvpn/keys/ca.crt
deleted file mode 100644
index dc96316..0000000
--- a/ANW-URB/openvpn/keys/ca.crt
+++ /dev/null
@@ -1,22 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDnzCCAwigAwIBAgIJAJfS3XHJWN9/MA0GCSqGSIb3DQEBBQUAMIGSMQswCQYD
-VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
-BAoTBm8ub3BlbjEZMBcGA1UECxMQbmV0d29yayBzZXJ2aWNlczEWMBQGA1UEAxMN
-QU5XLVVyYmFuLVZQTjEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGUwHhcN
-MDgwNzAxMjMwOTQyWhcNMTgwNjI5MjMwOTQyWjCBkjELMAkGA1UEBhMCREUxDzAN
-BgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9wZW4x
-GTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxFjAUBgNVBAMTDUFOVy1VcmJhbi1W
-UE4xHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlMIGfMA0GCSqGSIb3DQEB
-AQUAA4GNADCBiQKBgQDXN4KAEcJwYICMNTL47p3grgBwylUtkjtjJdmUVo8k85jR
-nZSlj592rDPB7/G1o7qU8vEQlmIQSjkfC/ViuMlS38kmn+1B8kVpqoUPWZ8PRnm5
-JHWRK6TD8LjHCEZKr1hfaviddbK8Exg7b+Va3Pz0eAqS/BfuuRXdrZYJTdiuDQID
-AQABo4H6MIH3MB0GA1UdDgQWBBTY304dMhIbcaY0w/D+JRpi/lcRZzCBxwYDVR0j
-BIG/MIG8gBTY304dMhIbcaY0w/D+JRpi/lcRZ6GBmKSBlTCBkjELMAkGA1UEBhMC
-REUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZv
-Lm9wZW4xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxFjAUBgNVBAMTDUFOVy1V
-cmJhbi1WUE4xHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlggkAl9LdcclY
-338wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCtIEYEN8d5imgML5V3
-OnwSN+aAm6hobm6IE1fFj+G6RyvcewrLaKybXljBe2sLB4TdK3CUntoJ7yaw28xl
-5u1rBmzFI7r/xNwdU+qurpb121yMnwQSSgF0bVpDZHdz4+V1+V4Lor8bvmqOIfsH
-YMgxU+nNxqoPlGaO1xxcEuK78g==
------END CERTIFICATE-----
diff --git a/ANW-URB/openvpn/keys/ca.key b/ANW-URB/openvpn/keys/ca.key
deleted file mode 100644
index 9cf8727..0000000
--- a/ANW-URB/openvpn/keys/ca.key
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQDXN4KAEcJwYICMNTL47p3grgBwylUtkjtjJdmUVo8k85jRnZSl
-j592rDPB7/G1o7qU8vEQlmIQSjkfC/ViuMlS38kmn+1B8kVpqoUPWZ8PRnm5JHWR
-K6TD8LjHCEZKr1hfaviddbK8Exg7b+Va3Pz0eAqS/BfuuRXdrZYJTdiuDQIDAQAB
-AoGATTRWlkbIr7OOqb1z2aUP8ce51LxgrgZlU34CfZpHo4PXcGrNJk9Nby77Kjk/
-Rl/D0ScNn1uzNhDKSP7rOkz7uxyRLkh2GQIHOgCD4qvGVyvy1zjOWOrTjrl1RbOF
-QGNE3tNK9c8JuYGrxJPUIME61f7V8PQK98AmPVXaCR+u+GkCQQDzzLKHY3CnS5jh
-JeMD8XBTPEHYLL/yWp8qT1DgPsV6gebKrMOxWL/7pUfYMWRV4fItGcRAvAGLlN5G
-Pwhb0VGfAkEA4fyj5wLX7wxp43aHLJ2gJRFlfMnl9yUPh8zjGleqDI5+dfvp3GZC
-9rPvLRIEA+tjlBfx4bYAnQHXe9FoMqSY0wJBAM2Bb7/WH6C1haHLuOea/i77bRlW
-51nX77DPeQH9h6LzmuKe7LoycGoj8UKYp9YJBoXj4V0b3UWWcCLQgTA8aksCQEqP
-p6hVqNcnWlyBQ/I1g5wXVEvK9YQIh0pAEIIlgGaqMRFOb4eXeeqZzYUqV4bPiEhZ
-aiYVfbhP3j/tBJsI8Z8CQBDV21UILY09GiskhCKppEOaOgbD9e9YJ+fVxAl9bNAm
-0bxTK6lO4hhiSbPosS8h+rJEE/NRUNEuxrc4CvNdoTo=
------END RSA PRIVATE KEY-----
diff --git a/ANW-URB/openvpn/keys/chris.crt b/ANW-URB/openvpn/keys/chris.crt
deleted file mode 100644
index 826840e..0000000
--- a/ANW-URB/openvpn/keys/chris.crt
+++ /dev/null
@@ -1,67 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 3 (0x3)
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=network services, CN=ANW-Urban-VPN/emailAddress=argus@oopen.de
-        Validity
-            Not Before: Jul  1 23:17:00 2008 GMT
-            Not After : Jun 29 23:17:00 2018 GMT
-        Subject: C=DE, ST=Berlin, O=o.open, OU=network services, CN=ANW-Urban-VPN-chris/emailAddress=argus@oopen.de
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:e9:62:11:b8:ec:c5:0d:8a:33:18:ab:67:f8:19:
-                    bc:aa:5e:d4:65:07:2a:6c:bf:02:8e:69:b4:9f:06:
-                    51:b0:b8:ad:6d:0b:a8:69:63:eb:e1:f6:63:1b:36:
-                    ea:c2:46:fa:00:63:88:c5:b9:ab:8a:40:59:79:43:
-                    9e:0e:0d:2a:e8:8b:8e:dc:8c:4f:1d:49:c6:42:ab:
-                    46:ad:8b:9f:de:10:19:b0:db:a3:e6:f1:bc:0a:0e:
-                    64:bb:17:f9:08:91:87:ef:5c:60:27:b7:d5:f9:65:
-                    6e:43:c7:df:7f:20:2e:14:7f:dc:e5:8b:1f:01:53:
-                    fc:09:57:43:c6:21:90:3b:d5
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            Netscape Comment: 
-                OpenSSL Generated Certificate
-            X509v3 Subject Key Identifier: 
-                97:35:1E:8C:65:D7:C1:65:C1:D7:68:66:6F:BB:C9:82:A3:18:14:EE
-            X509v3 Authority Key Identifier: 
-                keyid:D8:DF:4E:1D:32:12:1B:71:A6:34:C3:F0:FE:25:1A:62:FE:57:11:67
-                DirName:/C=DE/ST=Berlin/L=Berlin/O=o.open/OU=network services/CN=ANW-Urban-VPN/emailAddress=argus@oopen.de
-                serial:97:D2:DD:71:C9:58:DF:7F
-
-    Signature Algorithm: md5WithRSAEncryption
-        1e:37:9a:a6:dd:39:43:87:a0:a9:d4:4c:0e:d9:5e:f6:43:0a:
-        6e:2a:e8:5d:06:76:c8:4c:6c:ef:dc:21:22:4f:59:aa:4d:6f:
-        21:3f:e5:3d:d5:7f:df:14:84:04:1d:78:0b:12:d2:00:89:09:
-        75:6a:55:f6:a5:0a:9f:47:56:49:53:98:38:23:94:4b:cf:5b:
-        57:1c:21:e0:f2:fb:4a:78:63:ad:fd:e4:1c:57:1c:ed:1d:45:
-        ae:85:6f:8a:9f:0f:1f:ea:34:ad:42:b4:18:77:dd:9f:86:9f:
-        48:28:0f:22:cc:c3:42:2b:7a:9f:f3:d2:ee:c3:20:7b:fa:d4:
-        a9:85
------BEGIN CERTIFICATE-----
-MIIDuTCCAyKgAwIBAgIBAzANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCREUx
-DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
-ZW4xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxFjAUBgNVBAMTDUFOVy1VcmJh
-bi1WUE4xHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlMB4XDTA4MDcwMTIz
-MTcwMFoXDTE4MDYyOTIzMTcwMFowgYcxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZC
-ZXJsaW4xDzANBgNVBAoTBm8ub3BlbjEZMBcGA1UECxMQbmV0d29yayBzZXJ2aWNl
-czEcMBoGA1UEAxMTQU5XLVVyYmFuLVZQTi1jaHJpczEdMBsGCSqGSIb3DQEJARYO
-YXJndXNAb29wZW4uZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOliEbjs
-xQ2KMxirZ/gZvKpe1GUHKmy/Ao5ptJ8GUbC4rW0LqGlj6+H2Yxs26sJG+gBjiMW5
-q4pAWXlDng4NKuiLjtyMTx1JxkKrRq2Ln94QGbDbo+bxvAoOZLsX+QiRh+9cYCe3
-1fllbkPH338gLhR/3OWLHwFT/AlXQ8YhkDvVAgMBAAGjggEmMIIBIjAJBgNVHRME
-AjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0
-ZTAdBgNVHQ4EFgQUlzUejGXXwWXB12hmb7vJgqMYFO4wgccGA1UdIwSBvzCBvIAU
-2N9OHTISG3GmNMPw/iUaYv5XEWehgZikgZUwgZIxCzAJBgNVBAYTAkRFMQ8wDQYD
-VQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkw
-FwYDVQQLExBuZXR3b3JrIHNlcnZpY2VzMRYwFAYDVQQDEw1BTlctVXJiYW4tVlBO
-MR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bvb3Blbi5kZYIJAJfS3XHJWN9/MA0GCSqG
-SIb3DQEBBAUAA4GBAB43mqbdOUOHoKnUTA7ZXvZDCm4q6F0GdshMbO/cISJPWapN
-byE/5T3Vf98UhAQdeAsS0gCJCXVqVfalCp9HVklTmDgjlEvPW1ccIeDy+0p4Y639
-5BxXHO0dRa6Fb4qfDx/qNK1CtBh33Z+Gn0goDyLMw0Irep/z0u7DIHv61KmF
------END CERTIFICATE-----
diff --git a/ANW-URB/openvpn/keys/chris.csr b/ANW-URB/openvpn/keys/chris.csr
deleted file mode 100644
index fabf476..0000000
--- a/ANW-URB/openvpn/keys/chris.csr
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIB2TCCAUICAQAwgZgxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzAN
-BgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkwFwYDVQQLExBuZXR3b3Jr
-IHNlcnZpY2VzMRwwGgYDVQQDExNBTlctVXJiYW4tVlBOLWNocmlzMR0wGwYJKoZI
-hvcNAQkBFg5hcmd1c0Bvb3Blbi5kZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
-gYEA6WIRuOzFDYozGKtn+Bm8ql7UZQcqbL8Cjmm0nwZRsLitbQuoaWPr4fZjGzbq
-wkb6AGOIxbmrikBZeUOeDg0q6IuO3IxPHUnGQqtGrYuf3hAZsNuj5vG8Cg5kuxf5
-CJGH71xgJ7fV+WVuQ8fffyAuFH/c5YsfAVP8CVdDxiGQO9UCAwEAAaAAMA0GCSqG
-SIb3DQEBBQUAA4GBAMmA43TxDhInXxBpuJwRlk2hnY/nXZW1IrfQtpVC6v8WM+e1
-zWx9PNvV7Y6ocaFdGhxqnjUzkKb7lCfQ11aL6ehc5w9NWY8MaZ8J5N4u5ipr/pbO
-FdQKr8D44iHJ7a93cOsE0wDPGBpk5rp8Z2TsLaLYGQuoCNQEoFk6YB57CzB4
------END CERTIFICATE REQUEST-----
diff --git a/ANW-URB/openvpn/keys/chris.key b/ANW-URB/openvpn/keys/chris.key
deleted file mode 100644
index d54210a..0000000
--- a/ANW-URB/openvpn/keys/chris.key
+++ /dev/null
@@ -1,18 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,3CEBF9073B3CB899
-
-5xX8Lu3DsaALocEwU7TDMEldu4UN2e6kIVoiN4+vjtH0A1BBdRhLjP2boTh6LyT7
-FObWp9OBmY6nXhDHGKIUB7QJFX69GeIaRdidDZmDmRgh9DnJFQF0eQfN9S4IYcW5
-Lm2Qehwc+Evno176WuX5mOQJ112UCRPf6mI1WwVloz20rvKebVtdZ9RLz9TlZToQ
-icwy93R8JjTLsFZnuUZzhECAXlkNGb7BS23J+w3yZmQhHAHDICL1qU8EDKxE8+XD
-+uUCSaLhzpP6/LVdE1R+0027oa64zU5sSS1Q2qPGJL2DHPKnXYQcRPbVzMFvOkYI
-058ud8MztVQEpKBP2s3Ua8n7vHCEBsh0W7x+xbjIVjcGCV8m64Mm6pYdozmzfHRm
-qoEN98XsLyB/cbblBO1QpruCYZXDFf3OsfQq9lw+/m/RxESiAhFL0lBIBmgQVVFh
-rzNoilLge046sOo5HiGaJpiZbcM2Yjh3Lumoom+z+1p5FziL+gV1VFp3GF/y4Vr3
-AQ7HuAKIP0eO15jCDtYylmaNQM3ngd0/Wnd5YVIS+RHSVbE1/exXs/bRiyz5pjCl
-JPY4OtGYQ+mE6jycrbz+RGco20XPgjSyibjqm4a61FE9d5BrfJMqH2XTjpmNLpFD
-4xivB1aHy3CzCkxLaczQGLxOho3hibCK6P05xwQHwNgmmNqNuDazaASEdB9aUoDq
-WGux3OmUbDndOdL/UogaeqGurgQva81kUEHW7NXJLCRu4thr+OJhpAs3vdgXbiSL
-KhN1Mu4NGQynBPHcxMxcEUcZBCFZZPG55NQd/f5YAWXn2jxTZzZ+nw==
------END RSA PRIVATE KEY-----
diff --git a/ANW-URB/openvpn/keys/dh1024.pem b/ANW-URB/openvpn/keys/dh1024.pem
deleted file mode 100644
index 4cc01c5..0000000
--- a/ANW-URB/openvpn/keys/dh1024.pem
+++ /dev/null
@@ -1,5 +0,0 @@
------BEGIN DH PARAMETERS-----
-MIGHAoGBAMnSQRsYjh/VIhYLr05WqaXvYrFnn8HmGo4D4p19C/qWLtSNi/zDB0eh
-M/ngjzWQuP/ew0IWuo2pRWsgUUUvHQH1gCzNDfi+AuT//a0kKQlnr6jwj/IlSQKq
-LrH/cdyEh74rjNCZTD6xN0xR3P991+w4r3vWXWzYo44+4swix9k7AgEC
------END DH PARAMETERS-----
diff --git a/ANW-URB/openvpn/keys/gw-ckubu.crt b/ANW-URB/openvpn/keys/gw-ckubu.crt
deleted file mode 100644
index 5320c64..0000000
--- a/ANW-URB/openvpn/keys/gw-ckubu.crt
+++ /dev/null
@@ -1,73 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 4 (0x4)
-    Signature Algorithm: sha1WithRSAEncryption
-        Issuer: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=network services, CN=ANW-Urban-VPN/emailAddress=argus@oopen.de
-        Validity
-            Not Before: Sep 18 00:00:05 2013 GMT
-            Not After : Sep 16 00:00:05 2023 GMT
-        Subject: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=Netzwerk Services, CN=ANW-URB-VPN-gw-ckubu/name=Christoph Kuchenbuch/emailAddress=argus@oopen.de
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (1024 bit)
-                Modulus:
-                    00:d7:02:6c:3b:15:f3:97:28:c0:5e:8d:24:ac:9a:
-                    9f:cd:11:f6:9d:5e:a5:5f:5d:3d:42:a5:de:b0:35:
-                    b5:d7:b1:e0:e0:f8:f3:29:53:7f:33:78:18:92:67:
-                    1c:aa:f9:16:48:5b:19:d3:cb:8d:d4:fe:1b:84:d9:
-                    e2:89:1a:85:5c:0b:93:c3:9d:6d:a8:4e:72:65:84:
-                    16:d6:02:6c:b0:0d:00:46:e3:06:15:54:bc:a8:84:
-                    80:f1:a9:93:b0:7a:a3:57:31:3a:9b:aa:29:9b:39:
-                    34:e2:64:df:4c:d5:3c:6c:c5:1c:3a:4b:26:ee:5e:
-                    58:e9:29:9b:42:ce:ef:90:5b
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            Netscape Comment: 
-                Easy-RSA Generated Certificate
-            X509v3 Subject Key Identifier: 
-                5C:5B:7D:20:D6:16:C4:CD:E8:D8:F9:FF:86:B5:ED:8C:83:CF:90:C5
-            X509v3 Authority Key Identifier: 
-                keyid:D8:DF:4E:1D:32:12:1B:71:A6:34:C3:F0:FE:25:1A:62:FE:57:11:67
-                DirName:/C=DE/ST=Berlin/L=Berlin/O=o.open/OU=network services/CN=ANW-Urban-VPN/emailAddress=argus@oopen.de
-                serial:97:D2:DD:71:C9:58:DF:7F
-
-            X509v3 Extended Key Usage: 
-                TLS Web Client Authentication
-            X509v3 Key Usage: 
-                Digital Signature
-    Signature Algorithm: sha1WithRSAEncryption
-         c3:95:2b:e3:f8:62:d2:5e:b8:02:bc:a9:11:f8:bb:f5:0a:04:
-         fe:a3:68:e7:c1:97:f0:44:77:c7:54:98:4a:dd:b9:df:76:4b:
-         2c:d5:4c:a1:9e:e6:da:5f:d0:e4:73:c1:63:6e:29:ef:3c:79:
-         82:0e:f1:59:ca:8d:41:aa:22:42:e6:e2:88:ba:00:91:b1:f6:
-         f5:15:03:db:72:ab:39:01:c7:ee:19:25:c1:fd:ff:5d:30:b2:
-         ff:76:70:e9:3b:4f:88:af:14:68:8b:63:e2:a6:9c:e6:05:0e:
-         eb:b9:9f:3d:04:2e:9f:34:c1:14:53:69:3e:5a:c3:2e:ab:8e:
-         12:72
------BEGIN CERTIFICATE-----
-MIIEDjCCA3egAwIBAgIBBDANBgkqhkiG9w0BAQUFADCBkjELMAkGA1UEBhMCREUx
-DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
-ZW4xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxFjAUBgNVBAMTDUFOVy1VcmJh
-bi1WUE4xHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlMB4XDTEzMDkxODAw
-MDAwNVoXDTIzMDkxNjAwMDAwNVowgbkxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZC
-ZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRowGAYDVQQL
-ExFOZXR6d2VyayBTZXJ2aWNlczEdMBsGA1UEAxMUQU5XLVVSQi1WUE4tZ3ctY2t1
-YnUxHTAbBgNVBCkTFENocmlzdG9waCBLdWNoZW5idWNoMR0wGwYJKoZIhvcNAQkB
-Fg5hcmd1c0Bvb3Blbi5kZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1wJs
-OxXzlyjAXo0krJqfzRH2nV6lX109QqXesDW117Hg4PjzKVN/M3gYkmccqvkWSFsZ
-08uN1P4bhNniiRqFXAuTw51tqE5yZYQW1gJssA0ARuMGFVS8qISA8amTsHqjVzE6
-m6opmzk04mTfTNU8bMUcOksm7l5Y6SmbQs7vkFsCAwEAAaOCAUkwggFFMAkGA1Ud
-EwQCMAAwLQYJYIZIAYb4QgENBCAWHkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZp
-Y2F0ZTAdBgNVHQ4EFgQUXFt9INYWxM3o2Pn/hrXtjIPPkMUwgccGA1UdIwSBvzCB
-vIAU2N9OHTISG3GmNMPw/iUaYv5XEWehgZikgZUwgZIxCzAJBgNVBAYTAkRFMQ8w
-DQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVu
-MRkwFwYDVQQLExBuZXR3b3JrIHNlcnZpY2VzMRYwFAYDVQQDEw1BTlctVXJiYW4t
-VlBOMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bvb3Blbi5kZYIJAJfS3XHJWN9/MBMG
-A1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDANBgkqhkiG9w0BAQUFAAOB
-gQDDlSvj+GLSXrgCvKkR+Lv1CgT+o2jnwZfwRHfHVJhK3bnfdkss1UyhnubaX9Dk
-c8FjbinvPHmCDvFZyo1BqiJC5uKIugCRsfb1FQPbcqs5AcfuGSXB/f9dMLL/dnDp
-O0+IrxRoi2PippzmBQ7ruZ89BC6fNMEUU2k+WsMuq44Scg==
------END CERTIFICATE-----
diff --git a/ANW-URB/openvpn/keys/gw-ckubu.csr b/ANW-URB/openvpn/keys/gw-ckubu.csr
deleted file mode 100644
index 9f843c1..0000000
--- a/ANW-URB/openvpn/keys/gw-ckubu.csr
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIB+jCCAWMCAQAwgbkxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzAN
-BgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRowGAYDVQQLExFOZXR6d2Vy
-ayBTZXJ2aWNlczEdMBsGA1UEAxMUQU5XLVVSQi1WUE4tZ3ctY2t1YnUxHTAbBgNV
-BCkTFENocmlzdG9waCBLdWNoZW5idWNoMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bv
-b3Blbi5kZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1wJsOxXzlyjAXo0k
-rJqfzRH2nV6lX109QqXesDW117Hg4PjzKVN/M3gYkmccqvkWSFsZ08uN1P4bhNni
-iRqFXAuTw51tqE5yZYQW1gJssA0ARuMGFVS8qISA8amTsHqjVzE6m6opmzk04mTf
-TNU8bMUcOksm7l5Y6SmbQs7vkFsCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4GBANL/
-u9Js7zeVzgCn2yz+RIiqWgVV2TiehC/FmRExuXtVf+5WTyQdu1Z8bS83ZxThAVzO
-Zyj59bJv7oQ4NYMNVe0SEB3qKawKiqjr/mv0qBhmerFYlY5XlMVfmdvNuxg15xXo
-8v1tGoV9bGb1vuoDUNvEPtG8nG53GoIfmbqg4YF/
------END CERTIFICATE REQUEST-----
diff --git a/ANW-URB/openvpn/keys/gw-ckubu.key b/ANW-URB/openvpn/keys/gw-ckubu.key
deleted file mode 100644
index 76b4ed1..0000000
--- a/ANW-URB/openvpn/keys/gw-ckubu.key
+++ /dev/null
@@ -1,17 +0,0 @@
------BEGIN ENCRYPTED PRIVATE KEY-----
-MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIciZPe4pZyPoCAggA
-MBQGCCqGSIb3DQMHBAilx1xBgz8S1wSCAoDBMXDwnWuOF66Yodm3A2D1Su9K+hVo
-5KfJeC0BmWDf1455kw/ZKiB7bdgUcgogJPpQgzjugGu04iugoC/KobocidD6NP7f
-ZkmT6UGPkFa+3xyr61rYBlKT9HqphAVRwUoNhNNbFG1h0oBIL9qjxuQCssL5qsne
-R9KN9VsYVDRloL5/RfmcozJ1mXeRQeBkDCiQWb7cCYSqzpXHD6Vf+Xabdb7KiEOp
-coIWoOLyX6JdlV47CN1bUVerZulyZfU+xaI1EyqDCiVR6uao7ggIrLEnnTj+3oYN
-0NK77BCAJBsMEvSa2ZJQUvKeAl8pHTZdD06ixZRFlroUbMYV3ns2BvlT/M2GT3Oz
-P55FxClNjnmST1+MB+Ak7rZxdSVXf6tJP7fyxWU/zeGqHFfhQS0soiJxsdu2+iAy
-/AW4d5eF7fDMNdtelQg9oNMu8DBqIEMt6iZtmEPMxXO18BWrOOuAcXNExjmX4YP5
-/WVKwpukfbizsCgA828Rmm6KlLaGcfwM4Q+msK9uQuLW1xrAjghS3KPgCFOnrRzV
-UCvZGaVAhdA8oSdigBJonQmC5KWjjd+MIHFUqHOz2CWdN2HPvn9DKUeZwUVqtyVZ
-LytntILVJ2CCLikf8iR2Q0YLCnA/Z0dA1+yy2OnSpFRv5qZ8alvn3sJ/RKCNnEVe
-5Y5mhfC/MFk2Ak7MaI66vW6WFFUWFzFqvpco2ItVF05mjN0QfQfwB0CllO5QzfCI
-xEwG4mcAgB7NceXHYh4mdX/nxDsmbkHSlWRKIE1SPuJzQPeolxKUcVr9O4UVHUya
-zL3PaQ4PZa1YeL01QrqeK/rgvirQbNqnNsr0diqNXiYPNGmIEW0Aln5u
------END ENCRYPTED PRIVATE KEY-----
diff --git a/ANW-URB/openvpn/keys/index.txt b/ANW-URB/openvpn/keys/index.txt
deleted file mode 100644
index 2b6bd86..0000000
--- a/ANW-URB/openvpn/keys/index.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-V	180629231353Z		01	unknown	/C=DE/ST=Berlin/O=o.open/OU=network services/CN=ANW-Urban-VPN-server/emailAddress=argus@oopen.de
-V	180629231558Z		02	unknown	/C=DE/ST=Berlin/O=o.open/OU=network services/CN=ANW-Urban-VPN-undine/emailAddress=argus@oopen.de
-V	180629231700Z		03	unknown	/C=DE/ST=Berlin/O=o.open/OU=network services/CN=ANW-Urban-VPN-chris/emailAddress=argus@oopen.de
-V	230916000005Z		04	unknown	/C=DE/ST=Berlin/L=Berlin/O=o.open/OU=Netzwerk Services/CN=ANW-URB-VPN-gw-ckubu/name=Christoph Kuchenbuch/emailAddress=argus@oopen.de
diff --git a/ANW-URB/openvpn/keys/index.txt.attr b/ANW-URB/openvpn/keys/index.txt.attr
deleted file mode 100644
index 3a7e39e..0000000
--- a/ANW-URB/openvpn/keys/index.txt.attr
+++ /dev/null
@@ -1 +0,0 @@
-unique_subject = no
diff --git a/ANW-URB/openvpn/keys/index.txt.attr.old b/ANW-URB/openvpn/keys/index.txt.attr.old
deleted file mode 100644
index 3a7e39e..0000000
--- a/ANW-URB/openvpn/keys/index.txt.attr.old
+++ /dev/null
@@ -1 +0,0 @@
-unique_subject = no
diff --git a/ANW-URB/openvpn/keys/index.txt.old b/ANW-URB/openvpn/keys/index.txt.old
deleted file mode 100644
index ffffe6f..0000000
--- a/ANW-URB/openvpn/keys/index.txt.old
+++ /dev/null
@@ -1,3 +0,0 @@
-V	180629231353Z		01	unknown	/C=DE/ST=Berlin/O=o.open/OU=network services/CN=ANW-Urban-VPN-server/emailAddress=argus@oopen.de
-V	180629231558Z		02	unknown	/C=DE/ST=Berlin/O=o.open/OU=network services/CN=ANW-Urban-VPN-undine/emailAddress=argus@oopen.de
-V	180629231700Z		03	unknown	/C=DE/ST=Berlin/O=o.open/OU=network services/CN=ANW-Urban-VPN-chris/emailAddress=argus@oopen.de
diff --git a/ANW-URB/openvpn/keys/serial b/ANW-URB/openvpn/keys/serial
deleted file mode 100644
index eeee65e..0000000
--- a/ANW-URB/openvpn/keys/serial
+++ /dev/null
@@ -1 +0,0 @@
-05
diff --git a/ANW-URB/openvpn/keys/serial.old b/ANW-URB/openvpn/keys/serial.old
deleted file mode 100644
index 6496923..0000000
--- a/ANW-URB/openvpn/keys/serial.old
+++ /dev/null
@@ -1 +0,0 @@
-04
diff --git a/ANW-URB/openvpn/keys/server.crt b/ANW-URB/openvpn/keys/server.crt
deleted file mode 100644
index b8a81df..0000000
--- a/ANW-URB/openvpn/keys/server.crt
+++ /dev/null
@@ -1,70 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 1 (0x1)
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=network services, CN=ANW-Urban-VPN/emailAddress=argus@oopen.de
-        Validity
-            Not Before: Jul  1 23:13:53 2008 GMT
-            Not After : Jun 29 23:13:53 2018 GMT
-        Subject: C=DE, ST=Berlin, O=o.open, OU=network services, CN=ANW-Urban-VPN-server/emailAddress=argus@oopen.de
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:d0:5b:9b:21:03:ec:db:17:cf:35:f5:5b:de:6b:
-                    a9:1a:69:cc:09:c8:6e:a2:4a:36:66:10:9b:00:2c:
-                    1a:bd:59:6f:0f:b8:35:22:8e:8e:b0:e4:07:94:6c:
-                    cd:7b:35:6a:3e:36:ff:28:eb:2a:78:3a:06:69:82:
-                    90:3f:8d:c9:7b:5b:b7:1d:f6:df:c0:65:ea:da:50:
-                    f9:6b:94:b2:94:89:5f:3c:75:a2:13:9c:37:6c:11:
-                    7f:c8:88:e6:73:3d:67:6e:27:98:33:82:ee:76:35:
-                    a6:f2:b5:f7:5f:a2:f2:b9:c7:90:e2:b1:d2:20:c6:
-                    ee:45:a0:34:27:a3:a8:d3:f1
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            Netscape Cert Type: 
-                SSL Server
-            Netscape Comment: 
-                OpenSSL Generated Server Certificate
-            X509v3 Subject Key Identifier: 
-                38:93:19:84:8B:74:C0:F1:0C:C9:19:EF:68:80:99:CE:07:FD:97:07
-            X509v3 Authority Key Identifier: 
-                keyid:D8:DF:4E:1D:32:12:1B:71:A6:34:C3:F0:FE:25:1A:62:FE:57:11:67
-                DirName:/C=DE/ST=Berlin/L=Berlin/O=o.open/OU=network services/CN=ANW-Urban-VPN/emailAddress=argus@oopen.de
-                serial:97:D2:DD:71:C9:58:DF:7F
-
-    Signature Algorithm: md5WithRSAEncryption
-        2c:ee:2e:ff:76:a8:c1:37:71:19:f8:7c:86:68:56:55:03:18:
-        48:94:7b:3b:ad:6e:30:16:7d:ef:14:15:94:5b:48:7d:78:2b:
-        04:66:38:c9:1a:64:7b:df:aa:ab:95:24:9c:3f:53:3c:3c:03:
-        c1:21:4a:00:18:d7:db:6d:45:79:ea:cf:5e:2f:bf:a2:8f:b6:
-        33:45:02:a7:86:e7:17:35:72:30:ba:01:07:e1:16:57:8f:ca:
-        00:5d:7d:27:39:27:e3:25:d2:06:37:52:d4:41:9c:92:1e:05:
-        09:8b:4e:06:d8:9c:0e:6e:1b:5b:1c:cb:f4:99:a6:5d:c5:7d:
-        d5:94
------BEGIN CERTIFICATE-----
-MIID1DCCAz2gAwIBAgIBATANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCREUx
-DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
-ZW4xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxFjAUBgNVBAMTDUFOVy1VcmJh
-bi1WUE4xHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlMB4XDTA4MDcwMTIz
-MTM1M1oXDTE4MDYyOTIzMTM1M1owgYgxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZC
-ZXJsaW4xDzANBgNVBAoTBm8ub3BlbjEZMBcGA1UECxMQbmV0d29yayBzZXJ2aWNl
-czEdMBsGA1UEAxMUQU5XLVVyYmFuLVZQTi1zZXJ2ZXIxHTAbBgkqhkiG9w0BCQEW
-DmFyZ3VzQG9vcGVuLmRlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQW5sh
-A+zbF8819Vvea6kaacwJyG6iSjZmEJsALBq9WW8PuDUijo6w5AeUbM17NWo+Nv8o
-6yp4OgZpgpA/jcl7W7cd9t/AZeraUPlrlLKUiV88daITnDdsEX/IiOZzPWduJ5gz
-gu52NabytfdfovK5x5DisdIgxu5FoDQno6jT8QIDAQABo4IBQDCCATwwCQYDVR0T
-BAIwADARBglghkgBhvhCAQEEBAMCBkAwMwYJYIZIAYb4QgENBCYWJE9wZW5TU0wg
-R2VuZXJhdGVkIFNlcnZlciBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUOJMZhIt0wPEM
-yRnvaICZzgf9lwcwgccGA1UdIwSBvzCBvIAU2N9OHTISG3GmNMPw/iUaYv5XEWeh
-gZikgZUwgZIxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcT
-BkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkwFwYDVQQLExBuZXR3b3JrIHNlcnZp
-Y2VzMRYwFAYDVQQDEw1BTlctVXJiYW4tVlBOMR0wGwYJKoZIhvcNAQkBFg5hcmd1
-c0Bvb3Blbi5kZYIJAJfS3XHJWN9/MA0GCSqGSIb3DQEBBAUAA4GBACzuLv92qME3
-cRn4fIZoVlUDGEiUezutbjAWfe8UFZRbSH14KwRmOMkaZHvfqquVJJw/Uzw8A8Eh
-SgAY19ttRXnqz14vv6KPtjNFAqeG5xc1cjC6AQfhFlePygBdfSc5J+Ml0gY3UtRB
-nJIeBQmLTgbYnA5uG1scy/SZpl3FfdWU
------END CERTIFICATE-----
diff --git a/ANW-URB/openvpn/keys/server.csr b/ANW-URB/openvpn/keys/server.csr
deleted file mode 100644
index dabaa7d..0000000
--- a/ANW-URB/openvpn/keys/server.csr
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIB2jCCAUMCAQAwgZkxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzAN
-BgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkwFwYDVQQLExBuZXR3b3Jr
-IHNlcnZpY2VzMR0wGwYDVQQDExRBTlctVXJiYW4tVlBOLXNlcnZlcjEdMBsGCSqG
-SIb3DQEJARYOYXJndXNAb29wZW4uZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ
-AoGBANBbmyED7NsXzzX1W95rqRppzAnIbqJKNmYQmwAsGr1Zbw+4NSKOjrDkB5Rs
-zXs1aj42/yjrKng6BmmCkD+NyXtbtx3238Bl6tpQ+WuUspSJXzx1ohOcN2wRf8iI
-5nM9Z24nmDOC7nY1pvK191+i8rnHkOKx0iDG7kWgNCejqNPxAgMBAAGgADANBgkq
-hkiG9w0BAQUFAAOBgQDKK0jgo8ch23m7+RtGeApD51hcNUmFFpdIk+uH9mRZGDIq
-cF2XDqXTt8criP+HzRDl1LxdXLvrfC0/qNzOJTfbWeyuW7cCWXURZJGhFeM4I+Fk
-0BQcXJK3J2+AUyVyScVZXuu7lV33ncIrtouQWkieOwRo1swl/W+I4nHMOZVKpw==
------END CERTIFICATE REQUEST-----
diff --git a/ANW-URB/openvpn/keys/server.key b/ANW-URB/openvpn/keys/server.key
deleted file mode 100644
index db0951f..0000000
--- a/ANW-URB/openvpn/keys/server.key
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQDQW5shA+zbF8819Vvea6kaacwJyG6iSjZmEJsALBq9WW8PuDUi
-jo6w5AeUbM17NWo+Nv8o6yp4OgZpgpA/jcl7W7cd9t/AZeraUPlrlLKUiV88daIT
-nDdsEX/IiOZzPWduJ5gzgu52NabytfdfovK5x5DisdIgxu5FoDQno6jT8QIDAQAB
-AoGAMfIjp7BnMMXuWALu+MxaBwjhbl7rll+v1puYbFwmNMmhg+UmZ5hAwEqJPp0u
-TKCrTSql08s7rQJL0zMHHRUB/O8/+dtycmASyqvWszmyGCFm9nHnLFbs10dmqtcQ
-ijXnly7FIW10b2tbNgwU7QOB/86SQHMAhAIIE1o87QuvyiECQQD0tUXOk38fkdWg
-zQjlA21GkaGt5x2GjluQU6kiMoLSy6SrbfNUXDaN9DV2HpdxV9q6x26BGT+94oA1
-Zbwsmuf9AkEA2fjt1vJOue2N+4iI4Em74f2tqy/kjJjlamzHWHAx4kjse0etSTuT
-Yk1kUiWc8FeEeJiVceujj3LdmCsFiz88BQJBAJGCgQH3Xu4sz7UQdquHQCFoU5WP
-ClWKrRPDS51UH8qs4Tw24yxUsPP0NR4Jzs/NB/lswV7u3qJQ3x/hYOW9LxkCQAM+
-J9Ot0SwE87rNQjQMBMaM7puAX+cTkz4tFh4jtSpHqXUAEPzo7P1mZ1qtgpM0yhy9
-MGP8fHdy3wcXhMKYkz0CQQDnarfxAj7shImn6DuLCGCzNmERohp8ZGQfqyjwoBPm
-Z/vUcw7DXvWcMKZeveWbwonwJlceGjn0l8Y8wLhpTWlH
------END RSA PRIVATE KEY-----
diff --git a/ANW-URB/openvpn/keys/ta.key b/ANW-URB/openvpn/keys/ta.key
deleted file mode 100644
index 738f418..0000000
--- a/ANW-URB/openvpn/keys/ta.key
+++ /dev/null
@@ -1,21 +0,0 @@
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-e19230da99dc39d3169c1a77dde7ad76
-8831a21b862a03aed5db8332bff9177a
-14ede9e8e89da3d4da92a5419006adaa
-b61c895a2445fe8a8fc15ec250f1dd53
-07860a266aa331691b89b129819ba7e0
-18731572474ad3a4e87accaf7e74010b
-6b28aaf82be7a726558b1cda354888af
-a574d1fb1bd0e86a16c0bf635a3f4ede
-cd156415a01cd62617abf1eda6c38585
-df9b9e8e831ce3e645ee0ea6fc1f2c27
-1c381080d87697462c4eb69c100a099e
-902a5423692b0ec0598a165e65da298e
-bd72f0f00216b026b6a2fc3f1a6ada6e
-db76051b9d055307f0e02f11c8b16419
-b246546fe5023afd1ca2b7328c69cf47
-d48f9015f5c5655dd899736d78bd7614
------END OpenVPN Static key V1-----
diff --git a/ANW-URB/openvpn/keys/undine.crt b/ANW-URB/openvpn/keys/undine.crt
deleted file mode 100644
index 99e2b13..0000000
--- a/ANW-URB/openvpn/keys/undine.crt
+++ /dev/null
@@ -1,67 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 2 (0x2)
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=network services, CN=ANW-Urban-VPN/emailAddress=argus@oopen.de
-        Validity
-            Not Before: Jul  1 23:15:58 2008 GMT
-            Not After : Jun 29 23:15:58 2018 GMT
-        Subject: C=DE, ST=Berlin, O=o.open, OU=network services, CN=ANW-Urban-VPN-undine/emailAddress=argus@oopen.de
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:c8:62:7d:b2:40:a2:db:94:db:5a:e6:21:70:a5:
-                    c9:a6:9e:72:5e:ec:a3:6e:ff:94:f1:cc:86:20:0f:
-                    73:f5:0d:12:9a:f8:3a:8a:9c:d9:71:fc:37:e3:bf:
-                    5b:c6:a3:70:b6:c8:c9:37:a4:b1:74:91:77:f2:6e:
-                    33:bf:fd:76:89:ee:34:f8:2b:3b:e9:02:03:c3:70:
-                    56:6d:f7:7a:e6:a6:9a:85:5d:c4:5f:27:90:2c:f4:
-                    b9:64:86:f4:75:c4:8e:02:04:18:6d:5a:9d:e7:64:
-                    fd:5e:af:7f:24:f7:a4:2b:f0:03:41:0f:3c:fb:26:
-                    38:66:34:8b:d7:9e:1f:0b:a5
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            Netscape Comment: 
-                OpenSSL Generated Certificate
-            X509v3 Subject Key Identifier: 
-                C8:0A:A1:82:F7:2E:F1:96:D2:2C:61:D9:B2:09:0C:6E:FF:08:DB:78
-            X509v3 Authority Key Identifier: 
-                keyid:D8:DF:4E:1D:32:12:1B:71:A6:34:C3:F0:FE:25:1A:62:FE:57:11:67
-                DirName:/C=DE/ST=Berlin/L=Berlin/O=o.open/OU=network services/CN=ANW-Urban-VPN/emailAddress=argus@oopen.de
-                serial:97:D2:DD:71:C9:58:DF:7F
-
-    Signature Algorithm: md5WithRSAEncryption
-        50:0e:8c:69:68:3a:4f:80:85:62:1f:d9:17:c1:af:f0:12:e3:
-        12:b8:63:52:d8:b6:bb:34:e2:c5:bc:88:a5:a0:eb:fd:1f:62:
-        32:6c:da:d7:c4:1d:75:e7:97:4f:92:d6:9c:a4:24:5f:f4:4c:
-        22:ce:87:3f:6a:d8:2f:90:2c:56:b5:91:ec:6a:bb:af:95:3d:
-        84:64:01:8b:9f:64:55:80:e1:2c:08:de:1f:d6:3d:d8:25:84:
-        fd:80:36:fc:b9:cf:ee:83:31:97:0f:72:2d:8e:a5:a7:0f:90:
-        0c:c6:5f:fb:75:a2:ca:75:81:ca:78:a1:9e:92:4a:72:a5:54:
-        b5:78
------BEGIN CERTIFICATE-----
-MIIDujCCAyOgAwIBAgIBAjANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCREUx
-DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
-ZW4xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxFjAUBgNVBAMTDUFOVy1VcmJh
-bi1WUE4xHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlMB4XDTA4MDcwMTIz
-MTU1OFoXDTE4MDYyOTIzMTU1OFowgYgxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZC
-ZXJsaW4xDzANBgNVBAoTBm8ub3BlbjEZMBcGA1UECxMQbmV0d29yayBzZXJ2aWNl
-czEdMBsGA1UEAxMUQU5XLVVyYmFuLVZQTi11bmRpbmUxHTAbBgkqhkiG9w0BCQEW
-DmFyZ3VzQG9vcGVuLmRlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIYn2y
-QKLblNta5iFwpcmmnnJe7KNu/5TxzIYgD3P1DRKa+DqKnNlx/Dfjv1vGo3C2yMk3
-pLF0kXfybjO//XaJ7jT4KzvpAgPDcFZt93rmppqFXcRfJ5As9LlkhvR1xI4CBBht
-Wp3nZP1er38k96Qr8ANBDzz7JjhmNIvXnh8LpQIDAQABo4IBJjCCASIwCQYDVR0T
-BAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNh
-dGUwHQYDVR0OBBYEFMgKoYL3LvGW0ixh2bIJDG7/CNt4MIHHBgNVHSMEgb8wgbyA
-FNjfTh0yEhtxpjTD8P4lGmL+VxFnoYGYpIGVMIGSMQswCQYDVQQGEwJERTEPMA0G
-A1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBm8ub3BlbjEZ
-MBcGA1UECxMQbmV0d29yayBzZXJ2aWNlczEWMBQGA1UEAxMNQU5XLVVyYmFuLVZQ
-TjEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGWCCQCX0t1xyVjffzANBgkq
-hkiG9w0BAQQFAAOBgQBQDoxpaDpPgIViH9kXwa/wEuMSuGNS2La7NOLFvIiloOv9
-H2IybNrXxB1155dPktacpCRf9Ewizoc/atgvkCxWtZHsaruvlT2EZAGLn2RVgOEs
-CN4f1j3YJYT9gDb8uc/ugzGXD3ItjqWnD5AMxl/7daLKdYHKeKGekkpypVS1eA==
------END CERTIFICATE-----
diff --git a/ANW-URB/openvpn/keys/undine.csr b/ANW-URB/openvpn/keys/undine.csr
deleted file mode 100644
index a635136..0000000
--- a/ANW-URB/openvpn/keys/undine.csr
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIB2jCCAUMCAQAwgZkxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzAN
-BgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkwFwYDVQQLExBuZXR3b3Jr
-IHNlcnZpY2VzMR0wGwYDVQQDExRBTlctVXJiYW4tVlBOLXVuZGluZTEdMBsGCSqG
-SIb3DQEJARYOYXJndXNAb29wZW4uZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ
-AoGBAMhifbJAotuU21rmIXClyaaecl7so27/lPHMhiAPc/UNEpr4Ooqc2XH8N+O/
-W8ajcLbIyTeksXSRd/JuM7/9donuNPgrO+kCA8NwVm33euammoVdxF8nkCz0uWSG
-9HXEjgIEGG1anedk/V6vfyT3pCvwA0EPPPsmOGY0i9eeHwulAgMBAAGgADANBgkq
-hkiG9w0BAQUFAAOBgQBzkf1LnqcmJvJAX9UYyeEhqa378SexpiKBrTitVQ6NKK5Z
-9VpCpVVE1exKAcn8xa+6Q29ZGjKkJ3ZlryXWn1692evqB9w3XAmcbxcmRHKaC2f0
-I8xFhrH3aUwtjmjNO2E/hI+oGWe44Y+rOcpVeKZ8i59FkxBbwLwbrwwRmlvnkw==
------END CERTIFICATE REQUEST-----
diff --git a/ANW-URB/openvpn/keys/undine.key b/ANW-URB/openvpn/keys/undine.key
deleted file mode 100644
index a008ad3..0000000
--- a/ANW-URB/openvpn/keys/undine.key
+++ /dev/null
@@ -1,18 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,6B5570B96C2E6CDD
-
-GFZwd1yrveHBtUnUqN5c28CuS7F/TFCt3dc/OpxOwuNH/xsdTHHpC78Zb/O+Hg9Y
-DvwEd+i1HCHDeY46as4+fGFjMMNlWICBzywsV+2KmLCteSG2O++qa+i0f8aqpT3q
-X/mXKHtuOP1groyMhKF3oYYaNDgGGfIsVs0WXgAzEzV591AckqFhMn0eUM8flhhC
-hkdV3fFtvbBiHBm0x7a7PCmP0aqkrzp3y8FaeP+phBQD0780Zv92zu6DmkMc5b/6
-gRdfee3wUod818LZscAeSUdQwvEjb37ADYkyJnmoPKiw/FrQ8UpOtU4NzvODuy26
-ouJKKvz7MKyRucvo6+dtP5ifKbRilI9PYWpcXkP+3OJzBufw8lC5lHbEQc22Duum
-2jKjFw26DWjWEreflvHafWfSt6cX6S4ZpsG+YsYbA07UNWbdfwVDAEdsy190jiwV
-AUwS2hWiK7xk6FSzPPAha8Gwe9AXLfUiHvueBGJje6YUGH5h7yyJxB68UHHGGjPI
-+jIqw08VZb3JyOadqvuZUqfaRT8vXlHzkjFu32eDHgiYcLcD86LD4lsuvh51WHjM
-EKvqsffrQvoarOmMOsePUMuo0Kxed5GOoFMKhIzlpR5qDT7inIG6kibKlS10ppJ9
-k7PBGnuysQIEP7PQYFwKVe8296jxfJQSK/7qhqN0vgfDS/eOzgS0Q/lTzCh4cBom
-54+RSJD4gKmPgq+jYM5fPtmr0cGzyHo0ya/7Ov7BdD/oS9vEKvBjpMbkYvk1fOba
-5CbdIso1u0mAQWPv4G8S9SJV5FiZvrcW4GzaBE9netO0evXb/iwfEw==
------END RSA PRIVATE KEY-----
diff --git a/ANW-URB/openvpn/server-home.conf b/ANW-URB/openvpn/server-home.conf
deleted file mode 100644
index 94cb881..0000000
--- a/ANW-URB/openvpn/server-home.conf
+++ /dev/null
@@ -1,302 +0,0 @@
-#################################################
-# Sample OpenVPN 2.0 config file for            #
-# multi-client server.                          #
-#                                               #
-# This file is for the server side              #
-# of a many-clients <-> one-server              #
-# OpenVPN configuration.                        #
-#                                               #
-# OpenVPN also supports                         #
-# single-machine <-> single-machine             #
-# configurations (See the Examples page         #
-# on the web site for more info).               #
-#                                               #
-# This config should work on Windows            #
-# or Linux/BSD systems.  Remember on            #
-# Windows to quote pathnames and use            #
-# double backslashes, e.g.:                     #
-# "C:\\Program Files\\OpenVPN\\config\\foo.key" #
-#                                               #
-# Comments are preceded with '#' or ';'         #
-#################################################
-
-# Which local IP address should OpenVPN
-# listen on? (optional)
-;local a.b.c.d
-
-# Which TCP/UDP port should OpenVPN listen on?
-# If you want to run multiple OpenVPN instances
-# on the same machine, use a different port
-# number for each one.  You will need to
-# open up this port on your firewall.
-port 1194
-
-# TCP or UDP server?
-;proto tcp
-proto udp
-
-topology subnet
-#route 192.168.63.0 255.255.255.0 10.0.132.1
-#route 192.168.64.0 255.255.255.0 10.0.132.1
-
-# "dev tun" will create a routed IP tunnel,
-# "dev tap" will create an ethernet tunnel.
-# Use "dev tap" if you are ethernet bridging.
-# If you want to control access policies
-# over the VPN, you must create firewall
-# rules for the the TUN/TAP interface.
-# On non-Windows systems, you can give
-# an explicit unit number, such as tun0.
-# On Windows, use "dev-node" for this.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel if you
-# have more than one.  On XP SP2 or higher,
-# you may need to selectively disable the
-# Windows firewall for the TAP adapter.
-# Non-Windows systems usually don't need this.
-;dev-node MyTap
-
-# SSL/TLS root certificate (ca), certificate
-# (cert), and private key (key).  Each client
-# and the server must have their own cert and
-# key file.  The server and all clients will
-# use the same ca file.
-#
-# See the "easy-rsa" directory for a series
-# of scripts for generating RSA certificates
-# and private keys.  Remember to use
-# a unique Common Name for the server
-# and each of the client certificates.
-#
-# Any X509 key management system can be used.
-# OpenVPN can also use a PKCS #12 formatted key file
-# (see "pkcs12" directive in man page).
-ca keys/ca.crt
-cert keys/server.crt
-key keys/server.key  # This file should be kept secret
-
-# Diffie hellman parameters.
-# Generate your own with:
-#   openssl dhparam -out dh1024.pem 1024
-# Substitute 2048 for 1024 if you are using
-# 2048 bit keys. 
-dh keys/dh1024.pem
-
-# Configure server mode and supply a VPN subnet
-# for OpenVPN to draw client addresses from.
-# The server will take 10.8.0.1 for itself,
-# the rest will be made available to clients.
-# Each client will be able to reach the server
-# on 10.8.0.1. Comment this line out if you are
-# ethernet bridging. See the man page for more info.
-server 10.0.132.0 255.255.255.0
-
-# Maintain a record of client <-> virtual IP address
-# associations in this file.  If OpenVPN goes down or
-# is restarted, reconnecting clients can be assigned
-# the same virtual IP address from the pool that was
-# previously assigned.
-ifconfig-pool-persist /etc/openvpn/ipp.txt
-
-# Configure server mode for ethernet bridging.
-# You must first use your OS's bridging capability
-# to bridge the TAP interface with the ethernet
-# NIC interface.  Then you must manually set the
-# IP/netmask on the bridge interface, here we
-# assume 10.8.0.4/255.255.255.0.  Finally we
-# must set aside an IP range in this subnet
-# (start=10.8.0.50 end=10.8.0.100) to allocate
-# to connecting clients.  Leave this line commented
-# out unless you are ethernet bridging.
-;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
-
-# Push routes to the client to allow it
-# to reach other private subnets behind
-# the server.  Remember that these
-# private subnets will also need
-# to know to route the OpenVPN client
-# address pool (10.8.0.0/255.255.255.0)
-# back to the OpenVPN server.
-push "route 192.168.132.0 255.255.255.0"
-push "route 192.168.133.0 255.255.255.0"
-
-# To assign specific IP addresses to specific
-# clients or if a connecting client has a private
-# subnet behind it that should also have VPN access,
-# use the subdirectory "ccd" for client-specific
-# configuration files (see man page for more info).
-client-config-dir ccd/server-home
-
-# EXAMPLE: Suppose the client
-# having the certificate common name "Thelonious"
-# also has a small subnet behind his connecting
-# machine, such as 192.168.40.128/255.255.255.248.
-# First, uncomment out these lines:
-;client-config-dir ccd
-;route 192.168.40.128 255.255.255.248
-# Then create a file ccd/Thelonious with this line:
-#   iroute 192.168.40.128 255.255.255.248
-# This will allow Thelonious' private subnet to
-# access the VPN.  This example will only work
-# if you are routing, not bridging, i.e. you are
-# using "dev tun" and "server" directives.
-
-# EXAMPLE: Suppose you want to give
-# Thelonious a fixed VPN IP address of 10.9.0.1.
-# First uncomment out these lines:
-;client-config-dir ccd
-;route 10.9.0.0 255.255.255.252
-# Then add this line to ccd/Thelonious:
-#   ifconfig-push 10.9.0.1 10.9.0.2
-
-# Suppose that you want to enable different
-# firewall access policies for different groups
-# of clients.  There are two methods:
-# (1) Run multiple OpenVPN daemons, one for each
-#     group, and firewall the TUN/TAP interface
-#     for each group/daemon appropriately.
-# (2) (Advanced) Create a script to dynamically
-#     modify the firewall in response to access
-#     from different clients.  See man
-#     page for more info on learn-address script.
-;learn-address ./script
-
-# If enabled, this directive will configure
-# all clients to redirect their default
-# network gateway through the VPN, causing
-# all IP traffic such as web browsing and
-# and DNS lookups to go through the VPN
-# (The OpenVPN server machine may need to NAT
-# the TUN/TAP interface to the internet in
-# order for this to work properly).
-# CAVEAT: May break client's network config if
-# client's local DHCP server packets get routed
-# through the tunnel.  Solution: make sure
-# client's local DHCP server is reachable via
-# a more specific route than the default route
-# of 0.0.0.0/0.0.0.0.
-;push "redirect-gateway"
-
-# Certain Windows-specific network settings
-# can be pushed to clients, such as DNS
-# or WINS server addresses.  CAVEAT:
-# http://openvpn.net/faq.html#dhcpcaveats
-;push "dhcp-option DNS 10.8.0.1"
-;push "dhcp-option WINS 10.8.0.1"
-push "dhcp-option DNS 192.168.132.1"
-push "dhcp-option DOMAIN anwaeltinnen.netz"
-
-# Uncomment this directive to allow different
-# clients to be able to "see" each other.
-# By default, clients will only see the server.
-# To force clients to only see the server, you
-# will also need to appropriately firewall the
-# server's TUN/TAP interface.
-client-to-client
-
-# Uncomment this directive if multiple clients
-# might connect with the same certificate/key
-# files or common names.  This is recommended
-# only for testing purposes.  For production use,
-# each client should have its own certificate/key
-# pair.
-#
-# IF YOU HAVE NOT GENERATED INDIVIDUAL
-# CERTIFICATE/KEY PAIRS FOR EACH CLIENT,
-# EACH HAVING ITS OWN UNIQUE "COMMON NAME",
-# UNCOMMENT THIS LINE OUT.
-;duplicate-cn
-
-# The keepalive directive causes ping-like
-# messages to be sent back and forth over
-# the link so that each side knows when
-# the other side has gone down.
-# Ping every 10 seconds, assume that remote
-# peer is down if no ping received during
-# a 120 second time period.
-keepalive 10 120
-
-# For extra security beyond that provided
-# by SSL/TLS, create an "HMAC firewall"
-# to help block DoS attacks and UDP port flooding.
-#
-# Generate with:
-#   openvpn --genkey --secret ta.key
-#
-# The server and each client must have
-# a copy of this key.
-# The second parameter should be '0'
-# on the server and '1' on the clients.
-;tls-auth ta.key 0 # This file is secret
-tls-auth keys/ta.key 0
-
-# Select a cryptographic cipher.
-# This config item must be copied to
-# the client config file as well.
-;cipher BF-CBC        # Blowfish (default)
-;cipher AES-128-CBC   # AES
-;cipher DES-EDE3-CBC  # Triple-DES
-
-# Enable compression on the VPN link.
-# If you enable it here, you must also
-# enable it in the client config file.
-comp-lzo
-
-# The maximum number of concurrently connected
-# clients we want to allow.
-;max-clients 100
-
-# It's a good idea to reduce the OpenVPN
-# daemon's privileges after initialization.
-#
-# You can uncomment this out on
-# non-Windows systems.
-user nobody
-group nogroup
-
-# The persist options will try to avoid
-# accessing certain resources on restart
-# that may no longer be accessible because
-# of the privilege downgrade.
-persist-key
-persist-tun
-persist-local-ip
-persist-remote-ip
-# Output a short status file showing
-# current connections, truncated
-# and rewritten every minute.
-;status openvpn-status.log
-status /var/log/openvpn/status-server-home.log
-
-# By default, log messages will go to the syslog (or
-# on Windows, if running as a service, they will go to
-# the "\Program Files\OpenVPN\log" directory).
-# Use log or log-append to override this default.
-# "log" will truncate the log file on OpenVPN startup,
-# while "log-append" will append to it.  Use one
-# or the other (but not both).
-;log-append  openvpn.log
-;log         openvpn.log
-log         /var/log/openvpn/server-home.log
-
-# Set the appropriate level of log
-# file verbosity.
-#
-# 0 is silent, except for fatal errors
-# 4 is reasonable for general usage
-# 5 and 6 can help to debug connection problems
-# 9 is extremely verbose
-verb 4
-
-# Silence repeating messages.  At most 20
-# sequential messages of the same message
-# category will be output to the log.
-;mute 20
-
-#crl-verify /etc/openvpn/keys/crl.pem
diff --git a/ANW-URB/openvpn/server.conf.20130918 b/ANW-URB/openvpn/server.conf.20130918
deleted file mode 100644
index 14eeca3..0000000
--- a/ANW-URB/openvpn/server.conf.20130918
+++ /dev/null
@@ -1,294 +0,0 @@
-#################################################
-# Sample OpenVPN 2.0 config file for            #
-# multi-client server.                          #
-#                                               #
-# This file is for the server side              #
-# of a many-clients <-> one-server              #
-# OpenVPN configuration.                        #
-#                                               #
-# OpenVPN also supports                         #
-# single-machine <-> single-machine             #
-# configurations (See the Examples page         #
-# on the web site for more info).               #
-#                                               #
-# This config should work on Windows            #
-# or Linux/BSD systems.  Remember on            #
-# Windows to quote pathnames and use            #
-# double backslashes, e.g.:                     #
-# "C:\\Program Files\\OpenVPN\\config\\foo.key" #
-#                                               #
-# Comments are preceded with '#' or ';'         #
-#################################################
-
-# Which local IP address should OpenVPN
-# listen on? (optional)
-;local a.b.c.d
-
-# Which TCP/UDP port should OpenVPN listen on?
-# If you want to run multiple OpenVPN instances
-# on the same machine, use a different port
-# number for each one.  You will need to
-# open up this port on your firewall.
-port 1194
-
-# TCP or UDP server?
-;proto tcp
-proto udp
-
-# "dev tun" will create a routed IP tunnel,
-# "dev tap" will create an ethernet tunnel.
-# Use "dev tap" if you are ethernet bridging.
-# If you want to control access policies
-# over the VPN, you must create firewall
-# rules for the the TUN/TAP interface.
-# On non-Windows systems, you can give
-# an explicit unit number, such as tun0.
-# On Windows, use "dev-node" for this.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel if you
-# have more than one.  On XP SP2 or higher,
-# you may need to selectively disable the
-# Windows firewall for the TAP adapter.
-# Non-Windows systems usually don't need this.
-;dev-node MyTap
-
-# SSL/TLS root certificate (ca), certificate
-# (cert), and private key (key).  Each client
-# and the server must have their own cert and
-# key file.  The server and all clients will
-# use the same ca file.
-#
-# See the "easy-rsa" directory for a series
-# of scripts for generating RSA certificates
-# and private keys.  Remember to use
-# a unique Common Name for the server
-# and each of the client certificates.
-#
-# Any X509 key management system can be used.
-# OpenVPN can also use a PKCS #12 formatted key file
-# (see "pkcs12" directive in man page).
-ca keys/ca.crt
-cert keys/server.crt
-key keys/server.key  # This file should be kept secret
-
-# Diffie hellman parameters.
-# Generate your own with:
-#   openssl dhparam -out dh1024.pem 1024
-# Substitute 2048 for 1024 if you are using
-# 2048 bit keys. 
-dh keys/dh1024.pem
-
-# Configure server mode and supply a VPN subnet
-# for OpenVPN to draw client addresses from.
-# The server will take 10.8.0.1 for itself,
-# the rest will be made available to clients.
-# Each client will be able to reach the server
-# on 10.8.0.1. Comment this line out if you are
-# ethernet bridging. See the man page for more info.
-server 10.0.82.0 255.255.255.0
-
-# Maintain a record of client <-> virtual IP address
-# associations in this file.  If OpenVPN goes down or
-# is restarted, reconnecting clients can be assigned
-# the same virtual IP address from the pool that was
-# previously assigned.
-ifconfig-pool-persist /etc/openvpn/ipp.txt
-
-# Configure server mode for ethernet bridging.
-# You must first use your OS's bridging capability
-# to bridge the TAP interface with the ethernet
-# NIC interface.  Then you must manually set the
-# IP/netmask on the bridge interface, here we
-# assume 10.8.0.4/255.255.255.0.  Finally we
-# must set aside an IP range in this subnet
-# (start=10.8.0.50 end=10.8.0.100) to allocate
-# to connecting clients.  Leave this line commented
-# out unless you are ethernet bridging.
-;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
-
-# Push routes to the client to allow it
-# to reach other private subnets behind
-# the server.  Remember that these
-# private subnets will also need
-# to know to route the OpenVPN client
-# address pool (10.8.0.0/255.255.255.0)
-# back to the OpenVPN server.
-;push "route 192.168.23.0 255.255.255.0"
-;push "route 192.168.82.0 255.255.255.0"
-push "route 192.168.1.0 255.255.255.0"
-
-# To assign specific IP addresses to specific
-# clients or if a connecting client has a private
-# subnet behind it that should also have VPN access,
-# use the subdirectory "ccd" for client-specific
-# configuration files (see man page for more info).
-
-# EXAMPLE: Suppose the client
-# having the certificate common name "Thelonious"
-# also has a small subnet behind his connecting
-# machine, such as 192.168.40.128/255.255.255.248.
-# First, uncomment out these lines:
-client-config-dir ccd
-;route 192.168.40.128 255.255.255.248
-# Then create a file ccd/Thelonious with this line:
-#   iroute 192.168.40.128 255.255.255.248
-# This will allow Thelonious' private subnet to
-# access the VPN.  This example will only work
-# if you are routing, not bridging, i.e. you are
-# using "dev tun" and "server" directives.
-
-# EXAMPLE: Suppose you want to give
-# Thelonious a fixed VPN IP address of 10.9.0.1.
-# First uncomment out these lines:
-;client-config-dir ccd
-;route 10.9.0.0 255.255.255.252
-# Then add this line to ccd/Thelonious:
-#   ifconfig-push 10.9.0.1 10.9.0.2
-
-# Suppose that you want to enable different
-# firewall access policies for different groups
-# of clients.  There are two methods:
-# (1) Run multiple OpenVPN daemons, one for each
-#     group, and firewall the TUN/TAP interface
-#     for each group/daemon appropriately.
-# (2) (Advanced) Create a script to dynamically
-#     modify the firewall in response to access
-#     from different clients.  See man
-#     page for more info on learn-address script.
-;learn-address ./script
-
-# If enabled, this directive will configure
-# all clients to redirect their default
-# network gateway through the VPN, causing
-# all IP traffic such as web browsing and
-# and DNS lookups to go through the VPN
-# (The OpenVPN server machine may need to NAT
-# the TUN/TAP interface to the internet in
-# order for this to work properly).
-# CAVEAT: May break client's network config if
-# client's local DHCP server packets get routed
-# through the tunnel.  Solution: make sure
-# client's local DHCP server is reachable via
-# a more specific route than the default route
-# of 0.0.0.0/0.0.0.0.
-;push "redirect-gateway"
-
-# Certain Windows-specific network settings
-# can be pushed to clients, such as DNS
-# or WINS server addresses.  CAVEAT:
-# http://openvpn.net/faq.html#dhcpcaveats
-;push "dhcp-option DNS 10.8.0.1"
-;push "dhcp-option WINS 10.8.0.1"
-push "dhcp-option DNS 192.168.1.1"
-push "dhcp-option DOMAIN anwaeltinnen.netz"
-
-# Uncomment this directive to allow different
-# clients to be able to "see" each other.
-# By default, clients will only see the server.
-# To force clients to only see the server, you
-# will also need to appropriately firewall the
-# server's TUN/TAP interface.
-client-to-client
-
-# Uncomment this directive if multiple clients
-# might connect with the same certificate/key
-# files or common names.  This is recommended
-# only for testing purposes.  For production use,
-# each client should have its own certificate/key
-# pair.
-#
-# IF YOU HAVE NOT GENERATED INDIVIDUAL
-# CERTIFICATE/KEY PAIRS FOR EACH CLIENT,
-# EACH HAVING ITS OWN UNIQUE "COMMON NAME",
-# UNCOMMENT THIS LINE OUT.
-;duplicate-cn
-
-# The keepalive directive causes ping-like
-# messages to be sent back and forth over
-# the link so that each side knows when
-# the other side has gone down.
-# Ping every 10 seconds, assume that remote
-# peer is down if no ping received during
-# a 120 second time period.
-keepalive 10 120
-
-# For extra security beyond that provided
-# by SSL/TLS, create an "HMAC firewall"
-# to help block DoS attacks and UDP port flooding.
-#
-# Generate with:
-#   openvpn --genkey --secret ta.key
-#
-# The server and each client must have
-# a copy of this key.
-# The second parameter should be '0'
-# on the server and '1' on the clients.
-;tls-auth ta.key 0 # This file is secret
-tls-auth keys/ta.key 0
-
-# Select a cryptographic cipher.
-# This config item must be copied to
-# the client config file as well.
-;cipher BF-CBC        # Blowfish (default)
-;cipher AES-128-CBC   # AES
-;cipher DES-EDE3-CBC  # Triple-DES
-
-# Enable compression on the VPN link.
-# If you enable it here, you must also
-# enable it in the client config file.
-comp-lzo
-
-# The maximum number of concurrently connected
-# clients we want to allow.
-;max-clients 100
-
-# It's a good idea to reduce the OpenVPN
-# daemon's privileges after initialization.
-#
-# You can uncomment this out on
-# non-Windows systems.
-user nobody
-group nogroup
-
-# The persist options will try to avoid
-# accessing certain resources on restart
-# that may no longer be accessible because
-# of the privilege downgrade.
-persist-key
-persist-tun
-persist-local-ip
-persist-remote-ip
-# Output a short status file showing
-# current connections, truncated
-# and rewritten every minute.
-status openvpn-status.log
-
-# By default, log messages will go to the syslog (or
-# on Windows, if running as a service, they will go to
-# the "\Program Files\OpenVPN\log" directory).
-# Use log or log-append to override this default.
-# "log" will truncate the log file on OpenVPN startup,
-# while "log-append" will append to it.  Use one
-# or the other (but not both).
-log         /var/log/openvpn/openvpn.log
-;log-append  openvpn.log
-
-# Set the appropriate level of log
-# file verbosity.
-#
-# 0 is silent, except for fatal errors
-# 4 is reasonable for general usage
-# 5 and 6 can help to debug connection problems
-# 9 is extremely verbose
-verb 4
-
-# Silence repeating messages.  At most 20
-# sequential messages of the same message
-# category will be output to the log.
-;mute 20