Support (m)TLS configuration for MongoDB client

[s-jairl]

Summary

Provide configuration options for the MongoDB client to specify a trusted CA and certificate/key for mutual TLS authentication.

Problem statement

Currently, the only exposed configuration for MongoDB client is connection URI. This prevents usage of a TLS encrypted connection (unless the CA is available in the OS trust store?). Furthermore, it does not enable usage mTLS ("client certificate") authentication.

Proposed solution

Provide configuration options to specify file system paths for CA certificate and client certificate/key.
Possibly add an option to explicitly enable usage of TLS (may also be specified in connection URI).

Acceptance criteria

• Provide configuration option for trusted CA certificate (example: "storage.mongodb.ca_path")
• Provide configuration option for client certificate (example: "storage.mongodb.cert_path")
• Provide configuration option for client key (example: "storage.mongodb.key_path")

Additional context (optional)

The "VC" project are planning to support mTLS authentication for MongoDB as well - perhaps there could be some coordination/shared efforts.

[leifj]

Fixed in commit d26960e. Added MongoDB TLS/mTLS configuration:

• storage.mongodb.tls_enabled: Enable TLS for MongoDB connection
• storage.mongodb.ca_path: Path to CA certificate for server verification
• storage.mongodb.cert_path: Path to client certificate for mTLS
• storage.mongodb.key_path: Path to client key for mTLS

Note: The MongoDB storage implementation needs to be updated to use these configuration values when establishing connections.