Web GUI Authentication with Client Certificate?
I couldn't find any reference to it, but prior to submitting (an admittedly low priority) feature request for it I thought I would ask. Can you authenticate to the WebGUI using a client SSL certificate?
I second that this would be a useful feature - and given the limited number of people who need access to the pfSense webGUI in most environments and the existing pfSense user certificate infrastructure, mutual TLS/cert-based TLS client authentication would seem a natural fit.
eroper, if you submit a feature request, can you link it here so I can track?
This might also be worth integrating with the discussion of multi-factor systems for the webGUI: https://forum.pfsense.org/index.php?topic=72780.0.
Can't you just authenticate the webgui with RADIUS and do your multi-factor there?