Your welcome Peter.
if you want a insecure version with inline ca, cert, key(s) you need to enter no password while client creation this should in any case work.
Nevertheless, there is a bug in WUI. If you have a regular client with password (secure) and you edit this client via the yellow pencil and save it again, this client get a second disk icon for a insecure download option which is a wrong since you´ve already entered a password so it ends up with a OpenSSL error message ‘Mac verify error: invalid password?’ if you want to download the insecure one .
Possibly the error is somewhere around here --> https://git.ipfire.org/?p=ipfire-2.x.git;a=blob;f=html/cgi-bin/ovpnmain.cgi;h=68a70d14777f4d07711201e7f08b71c0d636eab6;hb=HEAD#l5429 ?
But am currently not sure about that.
Hope this helps for the first, more to come. Best,