Hi, I am trying to use an ESP8266 to connect to a network using freeradius, I have confirmed that the fault is not due to freeradius but since the code in the SDK for the device is closed, I am limited in what I can do to resolve the problem. The server is configured and is working fine with EAP-PEAP using MSCHAPv2 auth, which the device is supposed to support. Other devices and eapol_test confirm that the radius server is setup correctly. When the device attempts to authenticate the following in the freeradius debug output is observed. [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS TLS Length 7 [peap] Length Included [peap] eaptls_verify returned 11 [peap] <<< TLS 1.0 Alert [length 0002], fatal bad_certificate TLS Alert read:fatal:bad certificate TLS_accept: failed in unknown state rlm_eap: SSL error error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate SSL: SSL_read failed inside of TLS (-1), TLS session fails. My assumption is that the device is erroneously trying to tell the server that it is providing a client certificate, which it obviously is not, but I do not know enough about TLS to verify this and would love some feedback if anyone is a guru in this area. Even if I provide a client certificate the above error still occurs, clearly the fault is in the binary blob that Espressif provides. -- Kind Regards, Geoffrey McRae HostFission Server Management & Monitoring W: https://hostfission.com P: +61 2 9037 0321