I cannot connect to the server (client times out), and the server log file shows “TLS_ERROR: BIO read tls_read_plaintext error: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher”.

This is usually remedied by going to the OpenVPN section of the iOS Settings app and selecting "Force AES-CBC ciphersuites".
Another reason why this may happen is that you are using EC (Ecliptic Cryptography) certificates. OpenVPN Connect does not support the ECDSA algorithm at the moment, therefore those kind of certificates can't be used.