Hi,
this is not really related to this topic. ‘–ns-cert-type’ is deprecated and will be removed from OpenVPN with version 2.5.x which should come in august this year. This directive will be replaced with ‘–remote-cert-tls’ which involves also changes in the certificates. More in depth informations can be found in here --> https://forum.ipfire.org/viewtopic.php?f=50&t=18852&p=108777&hilit=RFC3280#p108144 .
OpenVPN will work until the update to 2.5 regarding OpenVPNs manpage (which is linked in the topic above) after that problems (to no function) will appear !!! This warnings appears since Core 123 which is now kind of long ago, this warning is now kind of urgent. It seems that there is also another solution --> Solved: Manual repair PKI on OpenVPN RFC3280 issue but i didn´t used that one and can´t say if it is working properly also, a renewal of the PKI might be a good idea especially if there are some old crypto stuff involved (SHA1, 1024bit key lengths ).
Best,
Erik