Hello !
By default, OpenSSL uses PEM format, so if you didn't specify a certificate format of DER, then its a PEM encoded cert. If you look at the cert in a text viewer/editor, you'll see lines that have "--- BEGIN CERTIFICATE---" and "---END CERTIFICATE---" if its PEM encoded.
The certificate is in PEM format. Isn't there anybody that can verify how the eap.conf file should be ? tls { # private_key_password = XXXXXXXXX # private_key_file = ${raddbdir}/certs/somecertificate.cer certificate_file = ${raddbdir}/certs/somecertificate.cer CA_file = ${raddbdir}/certs/demoCA/cacert.pem dh_file = ${raddbdir}/certs/dh random_file = ${raddbdir}/certs/random # fragment_size = 1024 # include_length = yes # check_crl = yes # check_cert_issuer = "/C=GB/ST=Berkshire/L=Newbury/O=My Company Ltd" # check_cert_cn = %{User-Name} # cipher_list = "DEFAULT" }