Take a backup of the device certificate on the DR location. In the event your production traffic is getting routed to the DR location, you can import the device certificate from the config backup taken from production nodes. Once you re route back the traffic from DR location to the production cluster, you can then re-import the DR device certificates. Its a manual process everytime DR location is going to get traffic.
... View more