+ 0 Votes Is it a inded a valid certificate? roberto 6 years ago As the title states, are you positive the server certificate is not valid...? Depending on "how" you are authenticating the wireless clients (Cisco ACS, Windows, etc) the certificate that is installed on whatever device performs the authentication could have been entered in the list of trusted certificates on your domain, and thus be valid. + 0 Votes Thanks for your reply summers 6 years ago Thanks, Roberto. Maybe my question is if server certificate verification mandatory or not in TLS negotiation. If wireless user trust server certificate without verification, then I do not think wireless client need the Root certificate. That means I do not need to check "Validate server certificate".