We have a peculiar problem, there are 3 regions from which we collect data. Each region data should maintain its own integrity for various purposes.
The indexers, search heads and primary deployment server are in the 4th region. Now we use a secondary deployment server in each region which poll to primary DS, the secondary DSs also act as HF to forward data to the common indexers in the 4th region.
Now the requirement is to secure the forwarded data using different certificates for each location. Server certificate could be same but the client certificates should be unique for each region.