I am helping my school IT set up a RADIUS authentication system using PEAP/EAP-TTLS. We are able to achieve successful connection with the user devices, but the users need to accept a "Not trusted" self-signed certificate.
I am considering using the free LetsEncrypt to generate such a certificate. However, LetsEncrypt uses domain validation, which is not possible at this moment. I have a personal website that uses LetsEncrypt.
I copied the fullchain.pem, privkey.pem and cert.pem, and import all of them(privkey.pem failed to get imported). We are using a Windows 7 system, and is using TekRadius as server. Although the fullchain and cert are imported successfully, I can only see the client-authentication cert in the dropdown list. I need Server-Authentication to contain the cert so that I can add it to the users.
Pardon my limited knowledge as I am basically trying out possibilities without fully understanding the technology(I am helping my IT department due to my technical knowledge, though it is not my main job to set up network).
Is it even possible to "recycle" my valid personal certificate to be used in the RADIUS server?