Hi,
Thank you for your answer, but it doesn't work. I don't see where you can declarate this certificate. There is field CAfile, but it is related to the authentication of the client (EAP-TLS). Furthermore, if I use this field with all the certificates concatenated, freeradius complains it is not readable.
well, ensure that FreeRADIUS can READ that file (chmod/file permissions) and ensure it contains only valid data. ensure that certificate_file contains the server cert, the intermediates and the root CA (in a format that can be read - eg PEM/CRT) and DONT use CA_file if the client doesnt know/trust the root CA then it SHOULD complain. use a deployment tool to get the root CA onto the client..ensure your client has correct security settings (trust the CA, check the commonname of the RADIUS certificate) alan