There were already good articles to follow.
If you follow the instructions above, you should be good to setup OpenID Client with CA OpenID Connect Provider.
I tested on CA Access Gateway R12.8 base version and above document still remains valid.
There was one thing that I encountered during the configuration and that was in the CA SSO AdminUI creating the OpenID Client.
When entering the "Redirect URIs" and click "Add", nothing happens.
This page code does not seem to work in IE.
However, by using chrome, I was able to submit and save.
Then follow the steps in CA SSO OpenID Connect Provider - with Apache OpenID Client to create the OpenID Provider and Client.
When you create the OpenID Client, it will automatically generate the "Client ID" and "Client Secret" unless you enter them manually.
This value need to be used when you update your OID Client side httpd.conf file.
Attaching httpd.conf and Sample_OID_Flow.saz for reference.