Hardened OpenVPN server
Nice to have - hardening features:
- Run the openvpn server as unprivileged user, group (e.g. nobody:nogroup)
- Additionally generate and secure the communication with tls-auth ta.key by default
- Generate (pkcs12) client.p12 container with (certificates and key) encrypted with passphrase rather than key inserted in client.conf file.