I managed to do it: 1) Use the httpclient plugin 2) Remove protocol registration in the first lines of the method "configureClient()" in org/apache/nutch/protocol/httpclient/Http.java 3) Compile and deploy the plugin 4) Add the client certificate (+private key) to your keystore 5) Add the server certificate(s) as trusted certificates to a truststore
Specify the properties javax.net.ssl.trustStore, javax.net.ssl.keyStore, javax.net.ssl.keyStorePassword javax.net.ssl.trustStorePassword (e.g. by command line) and start crawling. I hope this will someday help someone. Best, Benjamin
