Since we started to use virt-v2v on el9 for cold migrations (to the local cluster) from vSphere, secure migration practically stopped working as the fingerprint is not enough, we should rather get a certificate and set it for virt-v2v (for dropping the no_verify=1 parameter) for certificate authorities that are not in the system pool.

This should be verified by migrating from a vSphere provider (with SDK endpoint of vCenter or ESXi) that is not set with the "skip certificate validation" property (via the API, the provider should be set with insecureSkipVerify=false or without specifying insecureSkipVerify). The certificate can be either retrieved from the `services` service that returns a certificate for a given URL or from the vCenter/ESXi directly.