To enable TLS for Replica Of cluster connections:

  1. For each cluster hosting a replica:

    1. Go to Cluster > Security > Certificates.

    2. Expand the Replica Of and Active-Active authentication (Syncer certificate) section.

      Syncer certificate for Replica Of and Active-Active authentication.

    3. Download or copy the syncer certificate.

  2. From the Security tab of the Replica Of source database, select Edit.

  3. In the TLS - Transport Layer Security for secure connections section, make sure the checkbox is selected.

  4. In the Apply TLS for section, select Between databases only.

  5. Select Mutual TLS (Client authentication).

    Replica Of TLS authentication configuration.

  6. Select + Add certificate, paste or upload the syncer certificate, then select Done.

    Repeat this process, adding the syncer certificate for each cluster hosting a replica of this database.

  7. (Optional) To require TLS for client connections, change Apply TLS for to Clients and databases + Between databases and add client certificates.

  8. Select Save.