Question: LXD installed via ppa does not use system pki trust, how do I tell LXD to trust the new CA or cert issued by the mitm proxy?
I have an internal CA which is trusted by my server. This CA is used to back an MITM ssl bump proxy.
With said proxy between host & images.linuxcontainers.org lxd fails with the following:
Error: Failed container creation: Get https://cloud-images.ubuntu.com/releases/streams/v1/index.json: x509: certificate signed by unknown authority
So far, my CA has been imported into the system ca-certificates. I tried lxc trust add *
and lxc remote remove
+ lxc remote add
to pull in the new server certificate from the proxy and I am coming up dry on those attempts.