MAAS uses a self signed certificate to communicate with LXD. MAAS will automatically add the certificate to LXD when you connect with a password.
If you do not want to authenticate with a password you can manually add the certificate for each rack controller to your LXD Pod. The certificates are stored in /etc/maas/certificates/ or /var/snap/maas/common/certificates. MAAS will automatically renew the certificates before they expire, if password authentication is disabled you’ll have to manually readd the certificates again.