Couchbase Server 7.1 introduces several security enhancements for TLS certificates, including support for multiple certificate authorities, encrypted TLS private keys, additional TLS certificate formats, and cluster-wide TLS version 1.3. These changes aim to provide more flexibility and security in managing and using TLS certificates in clusters, such as allowing different certificate chains for application-to-cluster network encryption and client authentication, preventing unauthorized access to encrypted private keys, and improving the overall security of data transmitted over the network.