For the beginning, sorry for my English. 
My organization uses Windows Server Certification Services and RADIUS. We’ve got CA on Windows, that can issue certificates to users. We want to setup l2tp + RADIUS + Certificates + RouterOS. User certificates must be checked on RADIUS, then RADIUS will tell our mikrotik, that l2tp can be established. But when user want to connect via l2tp, in logs I see, that mikrotik try to find own certificates (inside) and not to do requests to RADIUS.
Without certificates this schema works fine.
Can anybody help with this problem?