Use an SSL Certificate

As a security best practice, periodically rotate the XDCR certificates and also make sure that you instantiate a new certificate on the remote cluster.

The following example is a self-signed SSL/TLS certificate obtained on the cluster. Click Security  Root Certificate to reach the certificate.

xdcr ssl cert

XDCR Data Security Error Messages

When creating the cluster reference, if the SSL certificates are not the same on the destination and source clusters, the following error message displays: Attention - Got certificate mismatch while trying to send https request to HOST:18091

The SSL certificates can become mismatched, such as when the certificate on the destination cluster is regenerated, and the source cluster is not updated with the new certificate. In this case, vBucket replication stops and the following error message displays: Error replicating vbucket <bucketNumber>. Please see logs for details.