To create VPN client Keys
Login to Server and Go to Directory /etc/openvpn/easy-rsa
and Run the following commands
A. # . ./vars

B. For without password key use build-key

i. # ./build-key username

For with password use build-key-pass

ii. # ./build-key-pass username
Enter PEM pass phrase: passphrase
Verifying - Enter PEM pass phrase: passphrase

C. It will aske you for following information
Country Name (2 letter code) [IN]:IN (mandatory)
State or Province Name (full name) [Maharashtra]:Maharashtra (mandatory)
Locality Name (eg, city) [Mumbai]:Mumbai (compulsory)
Organization Name (eg, company) [mercetest]:Your_Company_Name (mandatory)
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:HOSTNAME/YOURNAME (mandatory)
Email Address [ithelpdesk@]:EMAILID (mandatory)

D. Then it will ask for following information(Optional)
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: (Leave blank if not required)
An optional company name []:(Leave blank if not required)

E. Certificate is to be certified until Dec 6 03:27:23 2020 GMT (3650 days)
Sign the certificate? [y/n]:y (Enter y)

F. 1 out of 1 certificate requests certified, commit? [y/n]y (Enter y)

G. Now Client key get created in /etc/openvpn/easy-rsa/keys (Default path) or you can check keydir path
in /etc/openvpn/easy-rsa/vars.

H. Copy username.crt username.key from key directory i.e. /etc/openvpn/easy-rsa/keys and ta.key ca.crt
from /etc/openvpn/ to clients machine for openvpn client configuration.