Issues with Bigfix plugin portal and mongodb enterprise configured with SSL

I’m looking for direction. We had Bigfix plugin portal installed on Windows 2019 server with Mongodb to discover AWS instances. Everything was working alright till we change the mongodb to use SSL with a CA signed certificate.
Now Bigfix Plugin portal service is not able to talk to mongodb.

Reading HCL documents (https://help.hcltechsw.com/bigfix/10.0/platform/Platform/Config/r_client_set.html#r_client_set__pp) , it states following two settings which needs to be configured on the “Bigfix client settings” on Plugin portal server.

I’m not sure Which certificate and x.509 file files these settings should point to?

  1. _BESPluginPortal_PersistentDeviceReport_ClientCertPath:
    In case MongoDB is configured for TLS/SSL, this client setting defines the full path of the client x.509 certificate file that the Plugin Portal must use for connecting to the MongoDB.

  2. _BESPluginPortal_PersistentDeviceReport_CACertPath
    In case MongoDB is configured for TLS/SSL, this client setting defines the full path of the Certificate Authority file that the Plugin Portal must use to validate the certificate presented by the MongoDB.

Any help is appreciated.

Thanks.

if you have enabled the TLS on MongoDB, you should have the mongod.cfg like this below:

#network interfaces
net:
port: 27017
bindIp: 127.0.0.1
tls:
mode: requireTLS
certificateKeyFile: C:\Users\Mongo installation\mongo.includeskey.pem
CAFile: C:\Users\Mongo installation\ca.cert.pem

security:
authorization: disabled

The settings of the PluginPortal have to match with this information. So, they have to be set as follow:

_BESPluginPortal_PersistentDeviceReport_CACertPath =
_BESPluginPortal_PersistentDeviceReport_ClientCertPath =
The client needs to restart after this operation.