Secure a Replication
Securing a replication means that either the administrator password that is sent to the remote cluster, or both the password and the data itself, is transmitted securely.
Overview
By default, for inter-cluster communications, XDCR transmits both password and data in non-secure form. Optionally, a secure connection can be enabled between clusters, in order to secure either password alone, or both password and data.
Note that if the password received by the destination cluster requires
authentication by an LDAP server, the destination cluster communicates with
the LDAP server in plain text, using saslauthd.
This is described in
Configure
saslauthd.
A secure XDCR connection is enabled either by SCRAM-SHA or by TLS — depending on the administrator-specified connection-type, and the server-version of the destination cluster. Use of TLS involves certificate management: for an overview of certificates, see Certificates. For specific details on how to prepare and handle certificates for servers and clients, see Manage Certificates.
The following security-levels are supported:
-
Half-secure: Secures the specified password only: it does not secure data. The password is secured:
-
By hashing with SCRAM-SHA, when the destination cluster is running Couchbase Enterprise Server 5.5 or later.
-
By TLS encryption, when the destination cluster is running a pre-5.5 Couchbase Enterprise Server.
The root certificate of the destination cluster must be provided, for a successful TLS connection to be achieved. If this certificate is provided and a SCRAM-SHA connection is achieved, the certificate is ignored. The root certificate can be obtained by accessing the Root Certificate tab, on the Security screen for the remote cluster: copy the certificate from the interactive panel in which it appears.
For step-by-step instructions, see Enable Half-Secure Replications.
-
-
Fully secure: Handles both authentication and data-transfer via TLS. For step-by-step instructions, see Enable Fully Secure Replications.