@nima.m:
Hoba,
What make SSL for WebGUI more secure ?
I notice that in menu –> Advanced --> webGUI SSL
It has both SSL and private key.
But pfsense never use that private key.
I test this function and it seams that right now, pfsense establish a secure (encrypted) tunnel for WebGUI communication, but it doesn't require the user that have the same private key as the pfsense for establishing the connection.
Am I right or I have missed something and there is a way for usiing that private key.
Yeah, you kinda missed something :) The private key is so you can load an X.509 cert into the gui that you signed with a trusted CA to you as opposed to the pfSense default signed cert. The webGUI doesn't require a client cert, nor does it use client cert for auth - maybe some day if someone is interested in making it work.
–Bill