Hi, > Doesn't it just use server.cnf to set the password for the key and the CSR? server.cnf is for openSSL - applications such as FreeRADIUS and Apache have their own configuration files for private certificate keys etc - eap.conf in your case alan