Hello - I'm seeing an odd message in /var/log/radius/radius.log - freeradius 3.0.20 Fri Jul 21 11:07:24 2023 : ERROR: (106416) eap_peap: ERROR: TLS Alert read:fatal:unknown CA I would expect that EAP would be failing; it's not, apparently, as users are able to connect and auth (WPA2-Enterprise). I've checked our certs (radius.companyname.crt, pem, etc) and they're up to date. When I run openssl x509 -noout -text -in <file>, everything looks good except that the first cert in the chain has FALSE rather than TRUE for this setting: X509v3 Basic Constraints: critical CA:FALSE Not sure whether or not this is a red herring. Either way, it hasn't changed since the first of June (with no new certs and no other changes ) and the error didn't start showing up in radius.log about the first of July. I haven't provided a full radiusd -X output bc it's a production machine, but can do if necessary. thanks/mh -- Death before dishonour, Nothing before coffee