Problem Statement/Rationale

Our server is using certificates from Let's Encrypt, but when I try to connect it hangs for a minute or so, before finally giving up with 'certificate has expired'.

Could this be caused by the recent expiry of the Let's Encrypt root certificates? I believe this was working before, though it's been a while since I last connected so I can't tell for sure.

I'm using the SSL value 'System CA / Atlas Deployment', but only 'Unvalidated (insecure)' works.

Is there any way to verify if this is indeed caused by the expiry of the Let's Encrypt Root Cert?

Steps to Reproduce

It's a bit of a lengthy setup, but the gist of it is that we have a DigitalOcean droplet with MongoDB installed. After fetching certs with certbot, a file is generated using

cat /etc/letsencrypt/live/example.com/fullchain.pem /etc/letsencrypt/live/example.com/privkey.pem > /etc/ssl/mongo.pem

This file is referenced in mongod.conf:

net:
  tls:
    mode: requireTLS
    certificateKeyFile: /etc/ssl/mongo.pem

Then I try to connect to the database in Compass with SSL set to 'System CA / Atlas Deployment'.

Expected Results

It connects.

Actual Results

'certificate has expired'