httpsTrustStorePath

Path to a JKS/PKCS12 trust store used to verify HTTPS scrape targets signed by a custom or private CA (e.g. an internal corporate CA), without disabling validation entirely. Empty (default) uses the JDK default trust store. Ignored when trustAllX509Certificates is enabled. Resolved from CLI → HTTPS_TRUST_STORE_PATH env var → agent.http.trustStorePath config.