Hi all,
When looking at this again and examining logs, I saw that I was getting unknown certificate usage errors in the logs. So I googled a bit, and eventually tried different client certificates. I managed to get it working with a new certificate.
I haven't exhaustively tested this, but I believe that if I enter text into the optional "Subject alternative Names" field when generating the certificate, I believe I get a server-type certificate and that's not valid as a client certificate. When I created a client certificate using just information in the "Common Name" field, I was able to successfully log in.
I believe a little more clarity in the documentation on the differences between server and client certificates and how they are generated may be helpful. I believe that the creation of a new openvpn server creates the right kind of certificate (server).
Anyway, working for me now.
YellowShed