I am migrating my radius server to a new Azure server, so I am setting this back up. Last time, I set up a 2012r2 radius server as a CA and created a certificate directly on the server that I then pushed out with GPO. I am doing basically the same thing again, but with a GoDaddy certificate. I am following the guide here:
If so, have you ticked the box saying what is allowed to be the root CA server to be used to verify the RADIUS server certificate, and is that by chance still set to your old enterprise CA certificate?