Hi, My institution generated our server certificate by GlobalSign, but we received a server certificate signed by an intermediate issuer, an intermediate issuer. We receveid the server, intermediate and root certificates files. I created a bundle with intermediate and root certificates, in this order an. I configured the /etc/freeradius/mods-enabled/eap as below: private_key_file = <path for server private key that I created> certificate_file = <new path for server.pem received from GlobalSign> ca_file = <path to ca.bundle obtained by cat intermediate.pem >> ca.bundle and cat root.pem >> ca.bundle> I run freeradius service with no issues as well as Android validates server certificate. When I tested the iOS connection the device showed me the server certificate as Not Trusted. I verified server certificate information and it is correct. If I click on the Trust button on the device screen, I can authenticate on Freeradius server with no issues. Is this behavior right? Doesn't iOS trust in server certificate signed by an intermediate chain? -- Igor Sousa