From de9c2f57bf01e3d0600eee4084e648f7ef3e3a15 Mon Sep 17 00:00:00 2001
From: Stephan de Wit <stephan.de.wit@deciso.com>
Date: Thu, 1 May 2025 15:49:43 +0200
Subject: [PATCH] reword a bit

---
 source/manual/users.rst | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/source/manual/users.rst b/source/manual/users.rst
index f1d20a4b..ab7c2f47 100644
--- a/source/manual/users.rst
+++ b/source/manual/users.rst
@@ -55,8 +55,8 @@ rights, called privileges.
     In most cases, the only reason for a user to exist on the firewall, is so their access
     can be restricted for various services using group management.
 
-    For example, if a user is not restricted by a group, you would only need a certificate
-    with the username as common name if you want to grant OpenVPN access to this user.
+    For example, if a user is not restricted by a group, you would only need to provide a
+    valid certificate for this user to grant OpenVPN access in its most basic form.
 
     This concept is also relevant when considering external authentication services
     such as LDAP or RADIUS. Without group restrictions, no user synchronization from