Completly removed the section from the config file.
Restarted service.
Tried configuring the client using the ca, cert and private key from the server.
I got this in OpenWRT logs:
Fri Oct 22 21:44:58 2021 daemon.err openvpn(server)[9720]: 172.16.9.1:52290 VERIFY ERROR: depth=0, error=unsupported certificate purpose: CN=server, serial=30587019811267326290794648221475258883
Fri Oct 22 21:44:58 2021 daemon.err openvpn(server)[9720]: 172.16.9.1:52290 OpenSSL: error:1417C086:SSL routines:tls_process_client_certificate:certificate verify failed
Fri Oct 22 21:44:58 2021 daemon.err openvpn(server)[9720]: 172.16.9.1:52290 TLS_ERROR: BIO read tls_read_plaintext error
Fri Oct 22 21:44:58 2021 daemon.err openvpn(server)[9720]: 172.16.9.1:52290 TLS Error: TLS object -> incoming plaintext read error
Fri Oct 22 21:44:58 2021 daemon.err openvpn(server)[9720]: 172.16.9.1:52290 TLS Error: TLS handshake failed
Client is more limited on what is supports configuring. Viscosity provides a visual interface with a few options. The only option that doesn't refer to TLS is called "static key" and expects a "secret file" to be linked to the config. Not sure if this is supported with OpenVPN in OpenWRT.