To perform certificate-based authentication, use the –c option with the ldm migrate-domain command. This option is mutually exclusive with the password file and alternate user options. If the –c option is not specified, the migration operation performs password authentication.
To configure SSL certificates, you must perform the steps in this task on the control domain of the source machine.
source:primary# mkdir /var/share/ldomsmanager/trust
The remote ldmd certificate is the /var/share/ldomsmanager/server.crt on the remote host. The local ldmd trusted certificate directory is /var/share/ldomsmanager/trust. Rename the remote certificate file target-hostname.pem, for example tgt-primary.pem.
source:primary# ln -s /var/share/ldomsmanager/trust/tgt-primary.pem /etc/certs/CA/
source:primary# svcadm restart svc:/system/ca-certificates
source:primary# openssl verify /var/share/ldomsmanager/trust/tgt-primary.pem /var/share/ldomsmanager/trust/tgt-primary.pem: ok
Restart or enable the service if required.
source:primary# svcs ca-certificates /var/share/ldomsmanager/trust/tgt-primary.pem: ok STATE STIME FMRI online 0:22:38 svc:/system/ca-certificates:default
source:primary# svcadm restart ldmd