Difference between certificate in `lxc info` and client.crt

Hello everyone,

for the setup of a new LXD server with TLS authentification I chose to add client certificates manually via lxc config trust add client.crt.

This requires that new users have to send me their (auto-generated) client certificate. The client certificate can be found in ~/snap/lxd/current/.config/lxc/client.crt. For apt installation I guess it can be found in ~/.config/lxc/client.crt.

However, I noticed that the output of lxc info shows another certificate that is different from client.crt. What is the use case of the certificate shown in lxc info?

lxc info shows the server certificate, so server.crt or cluster.crt from /var/snap/lxd/common/lxd/

1 Like

Hello @stgraber,

thank you for explaining the difference between both certificates. I’ve used a LXD client for testing purposes also as a server. That might be the reason for the server certificate shown in lxc info.

Your clarification will help to formulate user instructions correctly.