Yes, the cert-clt.p12 is imported to the personal and the cacert.pem is in the trusted root certificates. I was looking at another document that was putting chmod 0444 on the cert-clt.p12 and chmod 0400 on the cacert.pem. Then, chown to radius:users on both. Is that necessary? Thanks, Bryant. You don't need users file if all user/pass information is stored in AD. Can you check if imported certificate is in "Trusted Root" and not some other certificate folder. I can't think of any other reason why the conversation wouldn't start with your network configuration. Ivan Kalik Kalik Informatika ISP -- View this message in context: http://www.nabble.com/Need-help-with-802.1X-authentication-to-Active-Directo... Sent from the FreeRadius - User mailing list archive at Nabble.com.