diff --git a/lxc/remote.go b/lxc/remote.go
index d236d824c605..81e1eed218f8 100644
--- a/lxc/remote.go
+++ b/lxc/remote.go
@@ -255,11 +255,19 @@ func (c *cmdRemoteAdd) addRemoteFromToken(addr string, server string, token stri
 		}
 	}
 
+	// Implicitly runs GetServer which updates the servers extensions.
 	d, err := conf.GetInstanceServer(server)
 	if err != nil {
 		return api.StatusErrorf(http.StatusServiceUnavailable, "%s: %w", i18n.G("Unavailable remote server"), err)
 	}
 
+	req := api.CertificatesPost{}
+	if d.HasExtension("explicit_trust_token") {
+		req.TrustToken = token
+	} else {
+		req.Password = token
+	}
+
 	// Add client certificate to trust store. Even if we are already trusted (src.Auth == "trusted"),
 	// we want to send the token to invalidate it. Therefore, we can ignore the conflict error, which
 	// is thrown if we are trying to add a client cert that is already trusted by LXD remote.