diff --git a/files/openvpn_management_scripts/create_ovpn.sh b/files/openvpn_management_scripts/create_ovpn.sh index 4e6ba7bf5..4d351464b 100755 --- a/files/openvpn_management_scripts/create_ovpn.sh +++ b/files/openvpn_management_scripts/create_ovpn.sh @@ -29,8 +29,8 @@ set -e set -u -USER_CERT_PATH="$KEY_PATH/$1.crt" -USER_KEY_PATH="$KEY_PATH/$1.key" +USER_CERT_PATH="$KEY_PATH/issued/$1.crt" +USER_KEY_PATH="$KEY_PATH/private/$1.key" #HEADER diff --git a/files/openvpn_management_scripts/create_seperated_vpn_zip.sh b/files/openvpn_management_scripts/create_seperated_vpn_zip.sh index 1794a3b69..0070572ab 100755 --- a/files/openvpn_management_scripts/create_seperated_vpn_zip.sh +++ b/files/openvpn_management_scripts/create_seperated_vpn_zip.sh @@ -30,8 +30,8 @@ username=${username// /_} # now, clean out anything that's not alphanumeric or an underscore username=${username//[^a-zA-Z0-9_-.]/} -USER_CERT_PATH="$KEY_PATH/$1.crt" -USER_KEY_PATH="$KEY_PATH/$1.key" +USER_CERT_PATH="$KEY_PATH/issued/$1.crt" +USER_KEY_PATH="$KEY_PATH/private/$1.key" #make a temp dir TEMP_NAME="$username-$CLOUD_NAME-seperated" diff --git a/files/openvpn_management_scripts/create_vpn_user.sh b/files/openvpn_management_scripts/create_vpn_user.sh index 2f3ef406b..39be17fcb 100755 --- a/files/openvpn_management_scripts/create_vpn_user.sh +++ b/files/openvpn_management_scripts/create_vpn_user.sh 
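Review bot: In create_ovpn.sh the new `USER_CERT_PATH` and `USER_KEY_PATH` are built from the raw first argument, so a value containing `/` or `..` would resolve outside `$KEY_PATH/issued` and `$KEY_PATH/private`; the same two lines in create_seperated_vpn_zip.sh have the same shape, even though a sanitized `username` is computed just above them. If `username` there is derived from `$1` (its assignment is outside the hunk) and certificates are issued under the sanitized name, the paths should use it: `USER_CERT_PATH="$KEY_PATH/issued/$username.crt"` and `USER_KEY_PATH="$KEY_PATH/private/$username.key"`. In create_ovpn.sh a guard before the assignments, such as `case "$1" in ''|*/*|*..*) echo "invalid client name" >&2; exit 1;; esac`, would keep the lookup inside the PKI directory. The bracket expression `[^a-zA-Z0-9_-.]` in the context line also places `-` between `_` and `.`, which reads as a range rather than a literal hyphen, so it is worth confirming that it strips what is intended.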
@@ -49,13 +49,16 @@ export KEY_EMAIL=$email export KEY_ALTNAMES="DNS:${KEY_CN}" #This create the key's for the road warrior -echo -e "running ${YELLOW} build-batch-key" -build-key-batch $username &>/dev/null && echo -e "${GREEN}success!" || echo -e "${RED}failure";echo -e $CLEAR +echo -e "running ${YELLOW} easyrsa build-client-full" +( + cd $EASYRSA_PATH + easyrsa build-client-full $username nopass &>/dev/null && echo -e "${GREEN}success!" || echo -e "${RED}failure";echo -e $CLEAR +) #&& echo -e "${GREEN}success!" || echo -e "${RED}failure";echo -e $CLEAR -echo "Backup certs so we can revoke them if ever needed" -[ -d $KEY_DIR/user_certs/ ] || mkdir $KEY_DIR/user_certs/ -cp $KEY_DIR/$username.crt $KEY_DIR/user_certs/$username.crt-$(date +%F-%T) && echo -e "${GREEN}success!" || echo -e "${RED}failure";echo -e $CLEAR +# echo "Backup certs so we can revoke them if ever needed" +# [ -d $KEY_DIR/user_certs/ ] || mkdir $KEY_DIR/user_certs/ +# cp $KEY_DIR/$username.crt $KEY_DIR/user_certs/$username.crt-$(date +%F-%T) && echo -e "${GREEN}success!" || echo -e "${RED}failure";echo -e $CLEAR echo "Create the OVPN file for $username" $VPN_BIN_ROOT/create_ovpn.sh $KEY_CN $KEY_EMAIL > $KEY_DIR/ovpn_files/${username}-${CLOUD_NAME}.ovpn 2> /dev/null && echo -e "${GREEN}success!" || echo -e "${RED}failure";echo -e $CLEAR diff --git a/flavors/vpn_nlb_central/vpnvm_new.sh b/flavors/vpn_nlb_central/vpnvm_new.sh index 67cb2c620..a38df44d1 100644 --- a/flavors/vpn_nlb_central/vpnvm_new.sh +++ b/flavors/vpn_nlb_central/vpnvm_new.sh @@ -367,7 +367,8 @@ build_PKI() { ./easyrsa build-ca nopass ./easyrsa gen-dh ./easyrsa gen-crl - ./easyrsa gen-req $VPN_NLB_NAME.planx-pla.net nopass + ./easyrsa build-server-full $VPN_NLB_NAME.planx-pla.net nopass + # ./easyrsa gen-req $VPN_NLB_NAME.planx-pla.net nopass openvpn --genkey --secret ta.key mv ta.key $EASYRSA_PATH/pki/ta.key
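Review bot: The subshell's `cd $EASYRSA_PATH` is unquoted and its result is not checked, so if the variable is empty or the directory is missing, `easyrsa build-client-full` runs from the wrong directory, and with `&>/dev/null` the only trace is the word "failure". I would write `cd "$EASYRSA_PATH" || exit 1` and `easyrsa build-client-full "$username" nopass`, and keep stderr (or send it to a log) so a failed issuance can be diagnosed. `easyrsa` is called by bare name here while vpnvm_new.sh uses `./easyrsa`, so this presumably depends on PATH and is worth confirming. The next step still runs create_ovpn.sh when issuance fails, because the `&& … || …` chain only prints a status; that pattern predates this change, and the rest of the script is outside the hunk.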
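Review bot: The replaced `gen-req` call is left behind as a commented-out line under the new `build-server-full` call; version control already keeps it, so I would delete it or replace it with a one-line reason such as `# build-server-full generates the request and signs it with the CA in one step`. `$VPN_NLB_NAME` is also expanded unquoted; `"${VPN_NLB_NAME}.planx-pla.net"` avoids word splitting if the name is ever empty or contains whitespace. Because of `nopass` the server key is written unencrypted, so the permissions on the PKI private directory are what protect it. build_PKI starts and ends outside the hunk, so whether a failed easyrsa step aborts the function cannot be seen from here.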