Couchbase Server 5.0 introduced X.509 certificate authentication as a remedy to the limitations of traditional password-based authentication mechanisms, particularly in high-scale applications with micro-service architectures. Certificate-based authentication allows users to securely access a server by exchanging digital certificates instead of usernames and passwords, thereby preventing common problems such as phishing, keystroke logging, and man-in-the-middle attacks. The X.509 public key infrastructure standard is used for certificate authentication, which offers stronger security through mutual authentication between the client and server during the TLS handshake. In Couchbase Server 5.5, this feature has been enhanced to support various services and interfaces, including N1QL, Indexing, XDCR, Search, and the Couchbase Web UI and REST endpoints. The configuration of certificate-based authentication requires specifying a path, prefix, and delimiter to extract the user name from the certificate, with a maximum limit of 10 path expressions and mandatory specification of all fields in the expression.