Use an SSL Certificate
As a security best practice, periodically rotate the XDCR certificates and also make sure that you instantiate a new certificate on the remote cluster.
The following example is a self-signed SSL/TLS certificate obtained on the cluster. Clickto reach the certificate.
When creating the cluster reference, if the SSL certificates are not the same on the destination and source clusters, the following error message displays:
Attention - Got certificate mismatch while trying to send https request to HOST:18091
The SSL certificates can become mismatched, such as when the certificate on the destination cluster is regenerated, and the source cluster is not updated with the new certificate.
In this case, vBucket replication stops and the following error message displays:
Error replicating vbucket <bucketNumber>.
Please see logs for details.