Provide a Client-Side SSL Certificate
Most web sites do not require clients to provide an SSL certificate. To crawl a site that requires a client-side certificate, set the configuration parameters SSLClientCertificatePath
and SSLClientCertificatePassword
.
NOTE: The file specified by SSLClientCertificatePath
must be in PKCS12 format and contain both the client-side certificate and private key. SSLClientCertificatePassword
specifies the password for the private key.
You can set these parameters in the task section, for example:
[MyTask] Url=... SSLClientCertificatePath=my_cert.p12 SSLClientCertificatePassword=encrypted-password
Alternatively, you can set the parameters in a separate section and then refer to that section by setting ClientCertificateSections
. This allows you to specify different certificates for different sites. For example:
[MyTask] Url=... StayOnSite=False ClientCertificateSections=ClientCert1,ClientCert2 [ClientCert1] SSLClientCertificateAuthorityRegex=.*site1\.example\.com.*
SSLClientCertificatePath=my_cert.p12 SSLClientCertificatePassword=encrypted-password [ClientCert2] SSLClientCertificateAuthorityRegex=.*site2\.example\.com.*
SSLClientCertificatePath=a_different_cert.p12 SSLClientCertificatePassword=encrypted-password