If you've used the PiVPN scripts to generate a profile and protected your private key with a passphrase (a very good practice), then you will need a way to decrypt this during the "non-interactive" OpenVPN connection on the router.
The option that I used that worked was to create a separate file that could be referenced in the profile by adding an askpass
option that contains only the passphrase.
https://stackoverflow.com/a/24071181/3794873
I'm planning to also test with a dummy empty .pass file since it seems like maybe the OpenVPN profile upload in the GL.iNet firmware doesn't realize that the PiVPN generated ovpn profile has an encrypted private key so it doesn't prompt for one until it sees multiple files in a zip. If you upload a zip that contains the ovpn profile and another file, it seems to assume that the other file is a key or certificate that might need a passphrase so it requests one after the upload.
How to Upload the .pass file to the Router?