I am adding this because it applies to 3.0.1 and others had mentioned problems about a previous version. I have imported all of my certificates and keys onto the Android keychain as well as through the import feature in OpenVPN on the client. I have also specified settings on the OpenVPN client where necessary e.g. ipv4 only, uncheck DNS override, no compression, etc.
Client Config
client
dev tun
proto udp4
remote SCRUBBED SCRUBBED
redirect gateway def1
dhcp-option DNS 208.67.222.222
remote-cert-tls server
mssfix 1400
tun-mtu 1400
cipher AES-256-GCM
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
auth-nocache
chroot jail
auth-user-pass
auth SHA512
prng blake2b512 64
nobind
float
key-direction 1
<ca>
-----BEGIN CERTIFICATE-----
SCRUBBED LEAF
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
SCRUBBED ROOT
-----END CERTIFICATE-----
</ca>
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
SCRUBBED
-----END OpenVPN Static key V1-----
</tls-auth>