To perform certificate-based authentication, use the –c option with the ldm migrate-domain command. This option is mutually exclusive with the password file and alternate user options. If the –c option is not specified, the migration operation performs password authentication.
source:primary# mkdir /var/share/ldomsmanager/trust
The remote ldmd certificate is the /var/share/ldomsmanager/server.crt on the remote host. The local ldmd trusted certificate directory is /var/share/ldomsmanager/trust. Rename the remote certificate file target-hostname.pem, for example tgt-primary.pem.
source:primary# ln -s /var/share/ldomsmanager/trust/tgt-primary.pem /etc/certs/CA/
source:primary# svcadm restart svc:/system/ca-certificates
source:primary# openssl verify /var/share/ldomsmanager/trust/tgt-primary.pem /var/share/ldomsmanager/trust/tgt-primary.pem: ok
Restart or enable the service if required.
source:primary# svcs ca-certificates /var/share/ldomsmanager/trust/tgt-primary.pem: ok STATE STIME FMRI online 0:22:38 svc:/system/ca-certificates:default
source:primary# svcadm restart ldmd