Handshake error on WPA2 EAP-TLS on Windows > Unifi > FreeRadius

Posted by Aramil_S@reddit | sysadmin

I have a FreeRadius server on Ubuntu, a UniFi gateway as the client and a Windows PC as the endpoint. I generated all the certificates and added them on the machine according to (link in comment).

Keys were initially added to the user stores on the endpoint; while debugging I also added them to the machine stores. All keys (ca, server, client) are successfully verified both on Windows and with openssl -verify on Linux. I've added the ca certs to ca-certificates (got error "CA not found" before). I also tried to use a set of keys generated with openssl on Windows (same results).

Eventually, I stumbled on a problem I cannot solve. When trying to connect, I get an error in "freeradius -X":

eap_tls: (TLS) The client is informing us that there is a failure inside the TLS protocol exchange

I double-checked the config and don't see anything suspicious. In Event Viewer on the client there is a message with an error code I cannot find anywhere on the internet:

Authentication failed for EAP method type 13. The error was 0x90090318.

I suppose that this is some easy problem, but it's hard for me with the Linux terminal and googling for commands all the time.

Any ideas how to further debug this?