I'm running Ubuntu 20.04's packaged FR - and been happy with Enterprise-WPA using EAP-TLS on a single server - authenticating wireless clients. But we're putting more and more machines on E-WPA, and so the FR server becomes a critical resource. The obvious answer is to have two/multiple servers and that's a option in Unifi. (And most/all other Wifi AP's.) The question is: Since I'm just using certificates is there anything different that I really need to do, other than setting up the new server, essentially, identically to the first one? If I revoke certificates I understand I'll need to complete that process on both machines - essentially manually keeping them in sync. Do I have that right? (In this setup, both servers will use the same key and certificate - which means I can't revoke one and leave the other running, but that (revoking a server) really doesn't work anyway, since the clients don't look up a CRL somewhere reliable anyway. So, if I lose control of one of the servers, I'm screwed and will have to rebuild the entire PKI framework again, but that's going to happen even if I use different certs/keys for both servers. ...provided I conceptually understand things correctly.)