Sat Oct 20 16:13:06 2018 daemon.notice openvpn(MYNETN750)[5277]: OpenVPN 2.4.4 mips-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Sat Oct 20 16:13:06 2018 daemon.notice openvpn(MYNETN750)[5277]: library versions: OpenSSL 1.0.2p 14 Aug 2018, LZO 2.10
Sat Oct 20 16:13:06 2018 daemon.warn openvpn(MYNETN750)[5277]: NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
Sat Oct 20 16:13:06 2018 daemon.notice openvpn(MYNETN750)[5277]: Diffie-Hellman initialized with 2048 bit key
Sat Oct 20 16:13:06 2018 daemon.notice openvpn(MYNETN750)[5277]: No valid translation found for TLS cipher '!aNULL'
Sat Oct 20 16:13:06 2018 daemon.notice openvpn(MYNETN750)[5277]: No valid translation found for TLS cipher '!eNULL'
Sat Oct 20 16:13:06 2018 daemon.notice openvpn(MYNETN750)[5277]: No valid translation found for TLS cipher '!3DES'
Sat Oct 20 16:13:06 2018 daemon.notice openvpn(MYNETN750)[5277]: No valid translation found for TLS cipher '!MD5'
Sat Oct 20 16:13:06 2018 daemon.notice openvpn(MYNETN750)[5277]: No valid translation found for TLS cipher '!SHA'
Sat Oct 20 16:13:06 2018 daemon.notice openvpn(MYNETN750)[5277]: No valid translation found for TLS cipher '!PSK'
Sat Oct 20 16:13:06 2018 daemon.notice openvpn(MYNETN750)[5277]: No valid translation found for TLS cipher '!DSS'
Sat Oct 20 16:13:06 2018 daemon.notice openvpn(MYNETN750)[5277]: No valid translation found for TLS cipher '!RC4'
Sat Oct 20 16:13:06 2018 daemon.err openvpn(MYNETN750)[5277]: OpenSSL: error:0B07C065:lib(11):func(124):reason(101)
Sat Oct 20 16:13:06 2018 daemon.err openvpn(MYNETN750)[5277]: Cannot add certificate to certificate chain (X509_STORE_add_cert)
Sat Oct 20 16:13:06 2018 daemon.notice openvpn(MYNETN750)[5277]: Exiting due to fatal error
Here is the output of /etc/ssl/openssl.cnf ; /etc/config/openvpn and /etc/ssl (ls -alR) - https://pastebin.com/K533tc77
I thought I had got all the OpenSSL problems resolve, but am now seeing the exact same error as you.
Afraid I don't have an answer yet, but at least you know you are not alone!
My best guess is that I have messed something up with the chain of trust, but am not sure what.
I might delete everything and try again (and this time skip the client config until I am sure the server is working).
Tue Oct 23 21:35:56 2018 daemon.notice openvpn(vpnserver)[21621]: OpenVPN 2.4.5 mips-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Tue Oct 23 21:35:56 2018 daemon.notice openvpn(vpnserver)[21621]: library versions: OpenSSL 1.0.2p 14 Aug 2018, LZO 2.10
Tue Oct 23 21:35:56 2018 daemon.notice openvpn(vpnserver)[21621]: Diffie-Hellman initialized with 2048 bit key
Tue Oct 23 21:35:56 2018 daemon.notice openvpn(vpnserver)[21621]: No valid translation found for TLS cipher '!aNULL'
Tue Oct 23 21:35:56 2018 daemon.notice openvpn(vpnserver)[21621]: No valid translation found for TLS cipher '!eNULL'
Tue Oct 23 21:35:56 2018 daemon.notice openvpn(vpnserver)[21621]: No valid translation found for TLS cipher '!3DES'
Tue Oct 23 21:35:56 2018 daemon.notice openvpn(vpnserver)[21621]: No valid translation found for TLS cipher '!MD5'
Tue Oct 23 21:35:56 2018 daemon.notice openvpn(vpnserver)[21621]: No valid translation found for TLS cipher '!SHA'
Tue Oct 23 21:35:56 2018 daemon.notice openvpn(vpnserver)[21621]: No valid translation found for TLS cipher '!PSK'
Tue Oct 23 21:35:56 2018 daemon.notice openvpn(vpnserver)[21621]: No valid translation found for TLS cipher '!DSS'
Tue Oct 23 21:35:56 2018 daemon.notice openvpn(vpnserver)[21621]: No valid translation found for TLS cipher '!RC4'
Tue Oct 23 21:35:56 2018 daemon.err openvpn(vpnserver)[21621]: OpenSSL: error:0B07C065:lib(11):func(124):reason(101)
Tue Oct 23 21:35:56 2018 daemon.err openvpn(vpnserver)[21621]: Cannot add certificate to certificate chain (X509_STORE_add_cert)
Tue Oct 23 21:35:56 2018 daemon.notice openvpn(vpnserver)[21621]: Exiting due to fatal error
The issue is the PKCS12 cert likely wasn't created with the CA-ICA Chain cert.
Chain of trust: CA -> ICA -> VPN Server cert.
Certs should be signed with the ICA, with the PKCS12 created with the CA-ICA Chain as the CA.
That being said, the OpenSSL PKI wiki had the concatenation step misfiled under the section for creating the CRL. I corrected this on 10/18, with the step now where it should be as #3 under ICA, and my hunch is this is the root of the issue