diff --git a/config.cfg b/config.cfg
index 27cb29d6a..6d579b71e 100644
--- a/config.cfg
+++ b/config.cfg
@@ -206,7 +206,7 @@ cloud_providers:
     image: Ubuntu 22.04 Jammy Jellyfish
     arch: x86_64
   hetzner:
-    server_type: cx11
+    server_type: cx22
     image: ubuntu-22.04
   openstack:
     flavor_ram: ">=512"
diff --git a/docs/deploy-from-cloudshell.md b/docs/deploy-from-cloudshell.md
index 2e75e910e..f0f0fed41 100644
--- a/docs/deploy-from-cloudshell.md
+++ b/docs/deploy-from-cloudshell.md
@@ -1,5 +1,4 @@
 # Deploy from Google Cloud Shell
-**IMPORTANT NOTE: As of 2021-12-14 Algo requires Python 3.8, but Google Cloud Shell only provides Python 3.7.3. The instructions below will not work until Google updates Cloud Shell to have at least Python 3.8.**
 
 If you want to try Algo but don't wish to install the software on your own system you can use the **free** [Google Cloud Shell](https://cloud.google.com/shell/) to deploy a VPN to any supported cloud provider. Note that you cannot choose `Install to existing Ubuntu server` to turn Google Cloud Shell into your VPN server.
 
diff --git a/roles/cloud-vultr/tasks/prompts.yml b/roles/cloud-vultr/tasks/prompts.yml
index 7813b0f5b..51e2ddd61 100644
--- a/roles/cloud-vultr/tasks/prompts.yml
+++ b/roles/cloud-vultr/tasks/prompts.yml
@@ -54,5 +54,5 @@
   set_fact:
     algo_vultr_region: >-
       {% if region is defined %}{{ region }}
-      {%- elif _algo_region.user_input %}{{ vultr_regions[_algo_region.user_input | int -1 ]['name'] | lower }}
+      {%- elif _algo_region.user_input %}{{ vultr_regions[_algo_region.user_input | int -1 ]['regioncode'] | lower }}
       {%- else %}{{ vultr_regions[default_region | int - 1]['regioncode'] | lower }}{% endif %}
diff --git a/roles/strongswan/tasks/openssl.yml b/roles/strongswan/tasks/openssl.yml
index f51ac9dd0..f51a74dc3 100644
--- a/roles/strongswan/tasks/openssl.yml
+++ b/roles/strongswan/tasks/openssl.yml
@@ -155,10 +155,25 @@
         format: OpenSSH
       with_items: "{{ users }}"
 
+    - name: Get OpenSSL version
+      shell: |
+        set -o pipefail
+        {{ openssl_bin }} version |
+        cut -f 2 -d ' '
+      args:
+        executable: bash
+      register: ssl_version
+      run_once: true
+
+    - name: Set OpenSSL version fact
+      set_fact:
+        openssl_version: "{{ ssl_version.stdout }}"
+
     - name: Build the client's p12
       shell: >
         umask 077;
         {{ openssl_bin }} pkcs12
+        {{ (openssl_version is version('3', '>=')) | ternary('-legacy', '') }}
         -in certs/{{ item }}.crt
         -inkey private/{{ item }}.key
         -export
@@ -175,6 +190,7 @@
       shell: >
         umask 077;
         {{ openssl_bin }} pkcs12
+        {{ (openssl_version is version('3', '>=')) | ternary('-legacy', '') }}
         -in certs/{{ item }}.crt
         -inkey private/{{ item }}.key
         -export
diff --git a/users.yml b/users.yml
index e9e8c0868..3595db116 100644
--- a/users.yml
+++ b/users.yml
@@ -27,6 +27,7 @@
               [{% for i in _configs_list.files %}
                 {% set config  = lookup('file', i.path)|from_yaml %}
                 '{{ config.server }}'
+                '{{ config.IP_subject_alt_name }}'
                 {{ ',' if not loop.last else '' }}
               {% endfor %}]