From this article
the requirements for the certificate for internal authentication are the following:
The Distinguished Name (DN), found in the member certificate’s subject, must specify a non-empty value for at least one of the following attributes: Organization (O), the Organizational Unit (OU) or the Domain Component (DC).
But in Let’s Encrypt certificate the Subject only contains domain name like this: CN = mongo-cl-01.example.com
I’m right in my assumption, that the issue can be, that there is no OU, O or DC in the Subject of Let’s Encrypt certificate ?