is it possible to configure the captive portal to authenticate users with their x509 certificate (via browser) ?
No, not at this time.
thanks for your reply, is there any chance this feature will be available in the next release ?
Captive portal developement is mainly done in m0n0wall. We just sync over their code and to keep syncable we don't touch this portion of the code too much. If m0n0 adds it we'll sync it over but besides that I wouldn't expect this feature in pfSense soon.