FreeRadius + PKI

hello! this is my firts post, and i have a question to make here. I know this 
question isnt 100% about freeRadius, but i think that the technical level 
here is very high and and some of you will be able to help me.

I have a wireless network. For security reasons, i have to implement to 
things:
1º.- The new WPE security protocol that replaces WEP.
2º.- Implement a Radius server to make AAA for users. WPE introduce the 
protocol EAP/TLS to make AAA with a Radius server. 

Well, i have read the EAPTLS.pdf doc, and here is the problem. This document 
(linked on FreeRadius.org) describes the procedure to make digital 
certificates (OpenSSL) and how to install MANUALLY on each machine (clients 
and on freeradius server). Well, here is my question:

¿Is posible with FreeRadius to implement a PKI on my network? i mean, another 
Linux machine making certificates and giving them automatically (or when the 
clients and the FreeRadius server need it), and not to do it manually as it 
is described in the doc. The method of Digital Certificate to do AAA with 
FreeRadius is the best, but make it manually is a bit poor.

I will be happy it somebody can give me URL or info of how can i make it with 
linux.  For resume, the network will be as this:

client machine <----> Wireless AP<---->FreeRadius server <----> PKI machine

the "PKI machine" will generate and give the digital certificates to client 
machine and FreeRadius server to make AAA.

Thanks a lot !

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html