I have tested selfsing certificate, it works. I had to copy the ca.cert into windows client. Pretty much what this link describes. http://kirkkosinski.com/2012/10/securing-wi-fi-with-peap-and-freeradius-on-c... Now, i have signed certificate from our CA added into eap.conf then imported ca.pem into windows machine. 7 machine and try to authenticate, it always fails. but If I check off the validate server certificate on M$$$$$client machine it works. I have following in my eap.conf tls { certdir = ${confdir}/certs cadir = ${confdir}/certs private_key_file = ${certdir}/myhost.example.key certificate_file = ${certdir}/myhost.example.crt CA_file = ${certdir}/ca.pem dh_file = ${certdir}/dh random_file = /dev/urandom fragment_size = 1024 include_length = yes check_crl = no cipher_list = "DEFAULT" } freeradius version is freeradius-2.1.10-5.el6.x86_64 and Red Hat Enterprise Linux Server release 6.1 This M$ is giving me nightmare :) any idea on this would be great