Provide a Client-Side SSL Certificate

Most web sites do not require clients to provide an SSL certificate. To crawl a site that requires a client-side certificate, set the configuration parameters SSLClientCertificatePath and SSLClientCertificatePassword.

NOTE: The file specified by SSLClientCertificatePath must be in PKCS12 format and contain both the client-side certificate and private key. SSLClientCertificatePassword specifies the password for the private key.

You can set these parameters in the task section, for example:

[MyTask]
Url=...
SSLClientCertificatePath=my_cert.p12
SSLClientCertificatePassword=encrypted-password

Alternatively, you can set the parameters in a separate section and then refer to that section by setting ClientCertificateSections. This allows you to specify different certificates for different sites. For example:

[MyTask]
Url=...
StayOnSite=False
ClientCertificateSections=ClientCert1,ClientCert2

[ClientCert1]
SSLClientCertificateAuthorityRegex=.*site1\.example\.com.*
SSLClientCertificatePath=my_cert.p12
SSLClientCertificatePassword=encrypted-password

[ClientCert2]
SSLClientCertificateAuthorityRegex=.*site2\.example\.com.*
SSLClientCertificatePath=a_different_cert.p12
SSLClientCertificatePassword=encrypted-password