Mongodb SSL - unable to get issuer certificate

Question

I am trying to configure ssl/tls with mongod on ubuntu 20.04 LTS. mongod version is 5.0.5. For generating ssl/tls, I am using ssl/ssl certificates from let's encrypt. I used this command for generating ssl/tls certificate.

sudo certbot certonly --standalone --preferred-challenges http -d example.domain.com

To configure it with mongod, I did the following steps

• Copied fullchain.pem and privkey.pem file into a folder.

• Use this command to generate mongodb.pem file for mongod.

  cat privkey.pem fullchain.pem > mongodb.pem

• For ca.pem ,I went to this URL, https://letsencrypt.org/certificates/ and downloaded Intermediate Certificates -> Active -> Let’s Encrypt R3 -> Signed by ISRG Root X1 (pem) file. Saved this file with name ca.pem in the same directory of fullchain.pem/privkey.pem files.

• Verified certificate using this command. It returned mongodb.pem: OK

  openssl verify -CAfile ca.crt mongodb.pem

• Then I configure ssl/tls configuration with mongod, Added the following lines in /etc/mongod.conf

net:
  port: 27017
  bindIp: 0.0.0.0
  tls:
    mode: requireTLS
    certificateKeyFile: /path/to/mongodb.pem
    CAFile: /path/to/ca.pem
    allowConnectionsWithoutCertificates: false

• Restarted mongod service and It is running with active (running) status.
• I am trying to connect to mongodb using the following command.

mongo --tls --tlsCAFile ca.pem --tlsCertificateKeyFile mongodb.pem --host mongodb.example-domain.com

• But I am getting this error when I try to connect to mongodb using above command,

SSL peer certificate validation failed: unable to get issuer certificate

I don't know what I am doing wrong in the whole process. If anybody can help me in this ssl/tls certificate issue. Thanks