A recent openssl update is enforcing higher cert signings. Check with your vpn provider to reissue any depreciated certs associated with your profile and then regenerate openvpn configs.
Do NOT follow any silly advice by disabling all security by adding something like “DEFAULT:@SECLEVEL=0” to your configs. 