From the official MongoDB documentation, MongoDB supports x.509 certificate authentication for client authentication and internal authentication of the members of replica sets and sharded clusters.
The Documentation further states, MongoDB deployment should use valid certificates generated and signed by a certificate authority. However, using a private certificate authority can be quite costly, and as we will be deploying this MongoDB into a private subnet and infrastructure we decide to use self-signed certificates.
A machine with installed Openssl will be required to generate the certificates. From MongoDB’s official documentation the following requirements must be satisfy: