Hello, This is FreeRadius 3.0.15 (in the FreeRadius3 package on pfSense 2.3.5-p1). What has worked fine and suddenly stops working is EAP-TLS, with my Huawei Honor8 Pro Android 7.0 smartphone. Small background: my main pfSense box broke down, so I took my backup pfSense box, reinstalled pfSense, *created new CA certificate, Server certificate and User certificate*, connected my smartphone with USB cable to my PC, copied the CA cert and the User cert to the smartphone, installed them using the normal Android setting for that ('install certificates from SD card'), configured the Wireless Connection in Android, in FreeRadius told it to of course use the CA certificate and the Server certificate, customized the other settings, and. for 6 hours now I'm trying to get something to work that does not want to work. But worked yesterday --- and the years before it. Now, EAP-TLS doesn't work. If I try a simple username and password: that works. It's simply the certificates that doesn't work. Those are the errors: Wed Dec 27 01:20:58 2017 : ERROR: (5) eap_tls: ERROR: TLS Alert read:fatal:certificate unknown Wed Dec 27 01:20:58 2017 : ERROR: (5) eap_tls: ERROR: TLS_accept: Failed in SSLv3 read client certificate A Wed Dec 27 01:20:58 2017 : ERROR: (5) eap_tls: ERROR: Failed in __FUNCTION__ (SSL_read) Just to make sure: the certificate manager in pfSense generates all three certificates *and stores them*, and the FreeRadius package within the same pfSense uses two of these three certificates (once you tell you point the package to the right certificates you generate, which I did). Meaning: it's all integrated. This first error: to who is the certificate unknown? To the smartphone? I've imported it 50.000 times again, and again, and again (really). I hope somebody can help me, because it all worked for years, and I have no clue anymore what to do, after all these long hours L Thank you, Bye, PS I attached the debug log.