I'm moving a mongodb server to production on my Ubuntu machine. I got an ssl certificate signed by a third party and installed it on the server. Clients are able to connect to it using their system's CA and validate the server's identity.
However, the mongodb website mentions client certificates.
Am I able to generate them since the CA is a third party?
I tried using openssl to generate these by passing my server's certificate and key, but it is also asking for a server.srl which I do not have.
I'm not sure what to do to generate these, or if I need them. I assume they would be an added layer of security as I will be able to verify client's identity in addition to them verifying mine.
Thanks!
