you can create a new RADIUS cert whenever you want. Just ensure its signed by same CA and has same details such as CN . If you want to change CA then client config changes will be needed (likewise for CN changes) ...that assumes the clients were configured properly/securely. If its just a client cert (EAP-TLS) then just give the client a new one<br><br>alan<br><br>