If I understand this logs rights, the error happening on ca certificate? ... Mon Dec 18 14:41:44 2017 : Debug: (2) eap_tls: TLS-Cert-Subject := "/C=DE/O=Deutsches BiomasseForschungsZentrum gemeinnuetzige GmbH/OU=IT/CN=CAPF-1b0db5b4/ST=Sachsen/L=Leipzig" Mon Dec 18 14:41:44 2017 : Debug: (2) eap_tls: TLS-Cert-Issuer := "/C=DE/O=Deutsches BiomasseForschungsZentrum gemeinnuetzige GmbH/OU=IT/CN=CAPF-1b0db5b4/ST=Sachsen/L=Leipzig" Mon Dec 18 14:41:44 2017 : Debug: (2) eap_tls: TLS-Cert-Common-Name := "CAPF-1b0db5b4" Mon Dec 18 14:41:44 2017 : ERROR: (2) eap_tls: SSL says error 26 : unsupported certificate purpose Mon Dec 18 14:41:44 2017 : Debug: Ignoring cbtls_msg call with pseudo content type 256, version 0 Mon Dec 18 14:41:44 2017 : Debug: (2) eap_tls: >>> send TLS 1.0 Alert [length 0002], fatal unsupported_certificate Mon Dec 18 14:41:44 2017 : ERROR: (2) eap_tls: TLS Alert write:fatal:unsupported certificate Mon Dec 18 14:41:44 2017 : Error: tls: TLS_accept: Error in error Mon Dec 18 14:41:44 2017 : ERROR: (2) eap_tls: Failed in __FUNCTION__ (SSL_read): ../ssl/statem/statem_srvr.c[2896]:error:1417C086:SSL routines:tls_process_client_certificate:certificate verify failed Mon Dec 18 14:41:44 2017 : ERROR: (2) eap_tls: System call (I/O) error (-1) ... Robert