You can configure the RSA RADIUS server to handle Extensible Authentication Protocol-Tunneled Transport Layer Security (EAP-TTLS) authentications. RSA RADIUS requires the following certificates to handle authentication requests made using the EAP-TTLS protocol:
A server certificate for each RADIUS server, which is used by a RADIUS client to verify the identity of the RADIUS server. A server certificate is installed on each RADIUS server by default.
A trusted root certificate, which is used by a RADIUS server to verify the identity of a RADIUS client. Root certificates are not installed on the RADIUS server by default.