diff --git a/modules/sysadmin_guide/pages/openvpn.adoc b/modules/sysadmin_guide/pages/openvpn.adoc
index 8be4f55..6a48aae 100644
--- a/modules/sysadmin_guide/pages/openvpn.adoc
+++ b/modules/sysadmin_guide/pages/openvpn.adoc
@@ -20,27 +20,7 @@ Purpose::
 
 === Create/sign the keys
 
-From batcave01 check out the private repo:
-
-....
-# This is to ensure that the clone is not world-readable at any point.
-RESTORE_UMASK=$(umask -p)
-umask 0077
-git clone /srv/git/ansible-private
-$RESTORE_UMASK
-cd ansible-private/vpn/openvpn
-....
-
-Next prepare your environment and run the build-key script. This example
-is for host "proxy4.fedora.iad2.redhat.com":
-
-....
-. ./vars
-./build-key $FQDN # ./revoke-full $FQDN to revoke keys that are no longer used.
-git add .
-git commit -a
-git push
-....
+See xref:howtos:generate_openvpn_keys.adoc[How to generate private key and certificate for OpenVPN client]
 
 === Create Static IP
 
@@ -122,15 +102,13 @@ RESTORE_UMASK=$(umask -p)
 umask 0077
 git clone /srv/git/ansible-private
 $RESTORE_UMASK
-cd ansible-private/vpn/openvpn
+cd ansible-private/files/vpn
 ....
 
-Next prepare your environment and run the build-key script. This example
-is for host "proxy4.fedora.iad2.redhat.com":
+Next, use the `easyrsa` command to revoke the certificate:
 
 ....
-. ./vars
-./revoke-full $FQDN
+/usr/share/easy-rsa/3.0/easyrsa revoke $FQDN
 git add .
 git commit -a
 git push