Here's my server .conf file:
Server config
local 192.168.4.101
port 1400
proto udp
dev tap0
ca /etc/openvpn/ca.crt
cert /etc/openvpn/uranus.crt
key /etc/openvpn/uranus.key
dh /etc/openvpn/dh2048.pem
;auth SHA512
;tls-crypt tc.key
topology subnet
;server 10.8.0.0 255.255.255.0
;server-bridge 10.240.32.1 255.255.248.0 10.240.36.0 10.240.39.254
server-bridge
push "redirect-gateway def1"
push "dhcp-option DNS 10.240.32.1"
client-to-client
client-connect /etc/openvpn/scripts/openvpn-connect.sh
client-disconnect /etc/openvpn/scripts/openvpn-disconnect.sh
script-security 2
duplicate-cn
;ifconfig-pool-persist ipp.txt
;push "redirect-gateway def1 bypass-dhcp"
keepalive 10 120
cipher AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
status /etc/openvpn/log/openvpn-status.log
log-append /etc/openvpn/log/openvpn.log
verb 4
;crl-verify crl.pem
;explicit-exit-notify
auth-user-pass
username-as-common-name
auth-user-pass-verify ldapsearch-auth.sh via-file
port 1400
proto udp
dev tap0
ca /etc/openvpn/ca.crt
cert /etc/openvpn/uranus.crt
key /etc/openvpn/uranus.key
dh /etc/openvpn/dh2048.pem
;auth SHA512
;tls-crypt tc.key
topology subnet
;server 10.8.0.0 255.255.255.0
;server-bridge 10.240.32.1 255.255.248.0 10.240.36.0 10.240.39.254
server-bridge
push "redirect-gateway def1"
push "dhcp-option DNS 10.240.32.1"
client-to-client
client-connect /etc/openvpn/scripts/openvpn-connect.sh
client-disconnect /etc/openvpn/scripts/openvpn-disconnect.sh
script-security 2
duplicate-cn
;ifconfig-pool-persist ipp.txt
;push "redirect-gateway def1 bypass-dhcp"
keepalive 10 120
cipher AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
status /etc/openvpn/log/openvpn-status.log
log-append /etc/openvpn/log/openvpn.log
verb 4
;crl-verify crl.pem
;explicit-exit-notify
auth-user-pass
username-as-common-name
auth-user-pass-verify ldapsearch-auth.sh via-file
I think it is sort of ignoring the script authenticating on the certificate alone.
If you need any more files tell me and i'll post them.