I'd like to run FreeRADIUS for EAP TLS authentication but instead of running my own Certification Authority I'd like to use StartSSL. I've setup EAP TLS with StartCom as the only Trusted Root CA and that works ok, but means anyone with a StartSSL Certificate could connect to my network. I would like to allow access based on the client certificate Common Name something like check_cert_cn = *@exampl