diff --git a/autotests/misc/certs/cert-client.crt b/autotests/misc/certs/cert-client.crt
new file mode 100644
index 00000000..fb363f59
Binary files /dev/null and b/autotests/misc/certs/cert-client.crt differ
diff --git a/autotests/misc/certs/cert-client.p12 b/autotests/misc/certs/cert-client.p12
new file mode 100644
index 00000000..e57a1bfd
Binary files /dev/null and b/autotests/misc/certs/cert-client.p12 differ
diff --git a/autotests/testEAP-TLS/connection_test.py b/autotests/testEAP-TLS/connection_test.py
index 1e390e69..c90b0ceb 100644
--- a/autotests/testEAP-TLS/connection_test.py
+++ b/autotests/testEAP-TLS/connection_test.py
@@ -66,11 +66,15 @@ class Test(unittest.TestCase):
     def test_eap_tls3(self):
         self.do_test_connection_success('ssidEAP-TLS3', 'abc')
 
+    def test_eap_tls4(self):
+        self.do_test_connection_success('ssidEAP-TLS4')
+
     @classmethod
     def setUpClass(cls):
         IWD.copy_to_storage('ssidEAP-TLS.8021x')
         IWD.copy_to_storage('ssidEAP-TLS2.8021x')
         IWD.copy_to_storage('ssidEAP-TLS3.8021x')
+        IWD.copy_to_storage('ssidEAP-TLS4.8021x')
 
     @classmethod
     def tearDownClass(cls):
diff --git a/autotests/testEAP-TLS/hw.conf b/autotests/testEAP-TLS/hw.conf
index 44cd4239..0ce95320 100644
--- a/autotests/testEAP-TLS/hw.conf
+++ b/autotests/testEAP-TLS/hw.conf
@@ -1,8 +1,9 @@
 [SETUP]
-num_radios=4
+num_radios=5
 tmpfs_extra_stuff=../misc/certs
 
 [HOSTAPD]
 rad0=ssidEAP-TLS.conf
 rad1=ssidEAP-TLS2.conf
 rad2=ssidEAP-TLS3.conf
+rad3=ssidEAP-TLS4.conf
diff --git a/autotests/testEAP-TLS/ssidEAP-TLS3.8021x b/autotests/testEAP-TLS/ssidEAP-TLS3.8021x
index 1d9225f1..03d571e9 100644
--- a/autotests/testEAP-TLS/ssidEAP-TLS3.8021x
+++ b/autotests/testEAP-TLS/ssidEAP-TLS3.8021x
@@ -1,7 +1,7 @@
 [Security]
 EAP-Method=TLS
 EAP-TLS-CACert=/tmp/certs/cert-ca.pem
-EAP-TLS-ClientCert=/tmp/certs/cert-client.pem
+EAP-TLS-ClientCert=/tmp/certs/cert-client.crt
 EAP-TLS-ClientKey=/tmp/certs/cert-client-key-v2-des-ede3.pem
 EAP-Identity=abc@example.com
 
diff --git a/autotests/testEAP-TLS/ssidEAP-TLS4.8021x b/autotests/testEAP-TLS/ssidEAP-TLS4.8021x
new file mode 100644
index 00000000..61523310
--- /dev/null
+++ b/autotests/testEAP-TLS/ssidEAP-TLS4.8021x
@@ -0,0 +1,9 @@
+[Security]
+EAP-Method=TLS
+EAP-TLS-CACert=/tmp/certs/cert-ca.pem
+EAP-TLS-ClientKeyBundle=/tmp/certs/cert-client.p12
+EAP-TLS-ClientKeyPassphrase=abc
+EAP-Identity=abc@example.com
+
+[Settings]
+AutoConnect=False
diff --git a/autotests/testEAP-TLS/ssidEAP-TLS4.conf b/autotests/testEAP-TLS/ssidEAP-TLS4.conf
new file mode 100644
index 00000000..41c63c95
--- /dev/null
+++ b/autotests/testEAP-TLS/ssidEAP-TLS4.conf
@@ -0,0 +1,13 @@
+ctrl_interface=/var/run/hostapd
+hw_mode=g
+channel=4
+ssid=ssidEAP-TLS4
+
+wpa=3
+wpa_key_mgmt=WPA-EAP
+ieee8021x=1
+eap_server=1
+eap_user_file=/tmp/certs/eap-user-tls.text
+ca_cert=/tmp/certs/cert-ca.pem
+server_cert=/tmp/certs/cert-server.pem
+private_key=/tmp/certs/cert-server-key.pem