Hi all, I am new to freeradius. I need to configure the radius server to support clients authenticating using two different certificate authorities.Already existing server certificate is about to expire and the requirement is to support both new and old certificates during the transition period. The Freeradius version used is 3.0.20 and testing done in raspberry pi 3. I found a similar query over https://marc.info/?l=freeradius-users&m=118050256411524&w=2 and tried to configure it as mentioned. eap eap1 { ... tls { certificate = Cert1.pem ... } } eap eap2 { ... tls { certificate = Cert2.pem ... } } authenticate { ... eap1 eap2 } But in the authorize {} section, I could configure either eap1 or eap2. If both are configured I am getting errors as below while authenticating. (1) Found Auth-Type = eap1 (1) Found Auth-Type = eap2 "ERROR: Warning: Found 2 auth-types on request for user 'hellouser'" Attaching the full log for reference. So my doubts are 1) Do we need to mention explicitly in the user file which eap method to be used as below ? Even I tried it, but it's not working. Can anyone help me with this. DEFAULT Called-Station-ID = "00112233445566:SSID1", Auth-Type := eap1 DEFAULT Called-Station-ID = "00112233445566:SSID2", Auth-Type := eap2 2) Also in my case, I won't be able to configure stations IDs as above. Is there any way to configure radius server like it should try with eap1 first and if it fails then try with eap2. Can anyone please help Thanks in advance. Regards, Jnx