Hello,
my mother language is not English and this is probably why the document seems erroneous to me.
https://doc.pfsense.org/index.php/Are_cryptographic_accelerators_supported
Practical Use - OpenVNP
To take advantage of acceleration in OpenVPN, choose a supported cipher such as aes-128-cbc on each end of a given tunnel, then select BSD Cryptodev Engine for Hardware Crypto.
Similarly, if the system employs the VIA Padlock engine, choose an appropriate cipher and select VIA Padlock for Hardware Crypto.
Nothing needs selected for OpenVPN to utilize AES-NI. The OpenSSL engine has its own code for handling AES-NI that works well without using the BSD Cryptodev Engine.
On the first paragraph it says to select cryptodev, but on the 3rd one says it has it's own code that works well without cryptodev.
O.T.:
I do have EAS-NI support and it is selected under Advanced - Miscellaneous config, but on my OpenVPN Server edit page I cannot select any crypt engine at all.
As I don't remember the prev Server config (I have xml backups, so I can find the answer) I thought to have a look at docs for any mistake on my side, or for issues cause by upgrading from 2.3.4-p1 to 2.4.0-RC (amd64).
Cheers