diff --git a/Pi-hole---OpenVPN-server.md b/Pi-hole---OpenVPN-server.md
index e9c602a..969c31a 100644
--- a/Pi-hole---OpenVPN-server.md
+++ b/Pi-hole---OpenVPN-server.md
@@ -13,7 +13,7 @@ This manual is based on this [HowTo](https://discourse.pi-hole.net/t/pi-hole-wit
 ](https://github.com/pi-hole/pi-hole/wiki/OpenVPN-server:-Only-route-DNS-via-VPN)
 
 ---
-### Optional: Security information
+### Security information
 For security purposes, it is recommended that the CA machine should be separate from the machine running OpenVPN. If you loose control of your CA private key, you can no longer trust any certificates from this CA. Anyone with access to this CA private key can sign new certificates without your knowledge, which then can connect to your OpenVPN server without needing to modify anything on the VPN server. Place your CA files on a storage which can be offline as much as possible, only to be activated when you need to get a new certificate for a client or server.
 
 ---