How to trust self-signed LXD daemon TLS certificate in Vagrant?

Following up from another question I've got the LXD daemon running and working: $ curl --insecure https://127.0.0.1:8443 {"type":"sync","status":"Success","status_code":200,"operation":"","error_code":0,"error":"","metadata":["/1.0"]} However, when trying to start a Vagrant container with the LXD provider it doesn't like the certificate: $ vagrant up The provider could not authenticate to the LXD daemon at https://127.0.0.1:8443 . You may need configure LXD to allow requests from this machine. The easiest way to do this is to add your LXC client certificate to LXD's list of trusted certificates. This can typically be done with the following command: $ lxc config trust add /home/username/.config/lxc/client.crt You can find more information about configuring LXD at: https://linuxcontainers.org/lxd/getting-started-cli/#initial-configuration There is no client.crt anywhere on my system. lsof -p [PID of the program serving at port 8443] doesn't list any certificates. sudo locate .crt | grep lxd found only /var/lib/lxd/server.crt, but lxc config trust add /var/lib/lxd/server.crt didn't help. The configuration documentation doesn't mention having to trust a certificate. I suspect I'm supposed to communicate with the daemon using a Unix socket rather than HTTPS. How do I move forward? For the record I'm able to launch containers with for example lxc launch ubuntu:18.10 test and get a shell with lxc exec test -- /bin/bash, so LXC is working fine.