diff --git a/VM_VPN_GATEWAY.sh b/VM_VPN_GATEWAY.sh
index ae22be8..8fb7484 100644
--- a/VM_VPN_GATEWAY.sh
+++ b/VM_VPN_GATEWAY.sh
@@ -54,12 +54,13 @@ sudo iptables-save > /etc/sysconfig/iptables # :3
 # Copiar o Self-signed Certificate Authority
 ca_dir="/etc/pki/CA"
 mkdir -p $ca_dir 
-mv ca.crt $ca_dir
+cp ca.crt $ca_dir
 
 # Criar vpn certificate
-openssl ca -in ca.csr -cert ca.crt -keyfile ca.key -out vpn.crt
-mv vpn.key $ca_dir
-mv vpn.crt $ca_dir
+openssl req -new -key vpn.key -out vpn.csr
+openssl ca -in vpn.csr -cert ca.crt -keyfile ca.key -out vpn.crt
+cp vpn.key $ca_dir
+cp vpn.crt $ca_dir
 
 
 # NOTA(vasco): o ficheiro conf vai ser vpn.conf pq isso é o nome do serviço
diff --git a/v3_ca.ext b/v3_ca.ext
deleted file mode 100644
index 113b8ab..0000000
--- a/v3_ca.ext
+++ /dev/null
@@ -1,2 +0,0 @@
-keyUsage = cRLSign, digitalSignature, keyCertSign
-basicConstraints=critical,CA:true,pathlen:0