A newer version of this documentation is available.

View Latest

XDCR Data Security

Manage XDCR data security settings.

The data replicated between clusters can be encrypted in both uni-directional and bi-directional replications.

When you use Secure Cross Datacenter Replication (XDCR), all traffic from the source and destination data centers will be encrypted. Encryption causes a slight increase in the CPU load since it requires additional CPU cycles.

Enable XDCR Data Security

To enable XDCR data security using SSL and create replication:

  1. On the destination cluster, navigate to Settings  Cluster and copy the certificate.

    (Optional) To regenerate the existing destination certificate, click Regenerate before copying.

  2. In the source cluster, select the XDCR tab.

  3. In the Remote Clusters panel, click Create Cluster Reference to verify or create the cluster reference.

  4. Select the Enable TLS Encryption box and paste the certificate in the provided area and click Save.

    xdcr createreference
  5. In the Ongoing Replications panel, click Create Replication, provide the cluster and bucket information, and click Replicate. If this is an existing replication that is simply enabling TLS the replication will automatically restart to enable the SSL communication. During restart XDCR will use the last check point of the replication stream.