crawler.sslTrustEveryone

Trust all root certificates and ignore server hostname verification if true. This bypasses all certificate and server validation by the HTTPS library, so every server and certificate is trusted. It can be used to overcome problems with unresolvable external certificate chains and poor certificates for virtual hosts, but may allow server spoofing.

The default value is set to "true" to enable crawling of most HTTPS sites.

Set this configuration key in the search package or data source configuration.

Use the configuration key editor to add or edit the crawler.sslTrustEveryone key, and set the value. This can be set to any valid Boolean value.

If you are crawling a site or sites which have signed valid certificates then you may wish to set this parameter to "false" to prevent server spoofing: