
False MITM warning using ECDSA

Posted: Fri Sep 07, 2018 11:58 am
by TRJM
So I've set up an OpenVPN configuration to use TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256 as TLS cipher, however whenever my client connects to the server (with the exact same TLS cipher) I get the following warning: "WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info."
At the link provided, the following solution is presented: "Sign server certificates with one CA and client certificates with a different CA. The client configuration ca directive should reference the server-signing CA file, while the server configuration ca directive should reference the client-signing CA file." This was already what I did in the first place, so I'm wondering whether the warning is bugged or what is going on?

Re: False MITM warning using ECDSA

Posted: Fri Sep 07, 2018 2:55 pm
by TinCanTech
You still need the extended key usage to fix the warning.
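
The check the reply above points to, as an added example that is not part of the original thread: a small Python linter that reports which server-certificate verification directives an OpenVPN client config enables. The directive names are from the OpenVPN manual; the function names, host name and both sample configs are constructed for illustration.

```python
import shlex

# Client directives that make OpenVPN verify the peer is a *server* certificate.
CHECKS = {
    "remote-cert-tls": "keyUsage + extendedKeyUsage check",
    "remote-cert-eku": "extendedKeyUsage check",
    "ns-cert-type": "nsCertType check (deprecated)",
    "verify-x509-name": "subject name check",
    "tls-verify": "external verification script",
}

def parse(config_text):
    """Yield [directive, arg, ...] per line, skipping comments and inline <ca>-style blocks."""
    inline = None
    for raw in config_text.splitlines():
        line = raw.strip()
        if inline:
            if line == f"</{inline}>":
                inline = None
            continue
        if line.startswith("<") and line.endswith(">"):
            inline = line[1:-1]
            continue
        if not line or line[0] in "#;":
            continue
        tokens = shlex.split(line, comments=True)
        if tokens:
            yield tokens

def server_verification(config_text):
    """Return the server-certificate checks this client config turns on."""
    found = []
    for name, *args in parse(config_text):
        name = name.lstrip("-")
        if name not in CHECKS or not args:
            continue
        # On a client, these two only help when they name the server role.
        if name in ("remote-cert-tls", "ns-cert-type") and args[0] != "server":
            continue
        found.append(f"{name} {args[0]}: {CHECKS[name]}")
    return found

# Constructed sample: separate CAs only, as in the first post; no check is enabled.
WEAK_CLIENT = ("client\nremote vpn.example.net 1194\nca server-ca.crt\n"
               "cert client.crt\nkey client.key\n"
               "tls-cipher TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256\n")
# Constructed sample: the same config with EKU and subject-name checks added.
HARDENED_CLIENT = WEAK_CLIENT + ("remote-cert-tls server\n"
                                 "verify-x509-name vpn.example.net name\n")
```

`remote-cert-tls server` only passes if the server certificate was issued with the matching key usage and the TLS Web Server Authentication extended key usage.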

Re: False MITM warning using ECDSA

Posted: Tue Sep 11, 2018 6:35 am
by TRJM
So just to confirm, the warning is coming up because I'm not using the extended key usage. Assuming I did the solution I mentioned above correctly, my setup is secure from MITM attacks?