Hi Steve
Microsoft supports EAP TTLS in our upcoming is release of Windows 8 . That said PEAP MSChapv2 is as modern as an EAP TTLS and is a very widely and simply deployed method. I have personally used the freeradius peap mschapv2 pretty much out of the box. As far as the certificate error you saw earlier that was due to the nature of design of a modern secure authentication method which gave supported security feature like Server Certificate Validation enabled by default. If you just go through the net you will find tonnes of peap mschapv2 working eap.conf's and I suggest you compare yours to the ones available for the authentication to work. Also if you are looking for ttls only you can test with the beta of windows 8 and become one of our early adopters when it releases.
Thanx and Regards
Aman Arneja
Sent from my Windows Phone