Indeed there was a mistake and I am now able to connect to the database with mongo shell. I use this command to launch the daemon:
mongod --tlsMode requireTLS --tlsCertificateKeyFile Server.cert --tlsCAFile RootCA.pem --auth --dbpath /mnt/mongoDB-One/DB_X509 --logpath /mnt/mongoDB-One/DB_X509/mongod.log --fork
And then I use this one to fire mongo shell:
mongo --tls --host localhost --tlsCertificateKeyFile Client.cert --tlsCAFile RootCA.pem
Thank you very much for all your help. You certainly gave me a number of valuable advices to reach this point.
I still have to solve a few issues. First check the handling of update-ca-certificates to properly use it. And also though I can set my CN when running openssl to use this to connect:
mongo --tls --host 127.0.0.1 --tlsCertificateKeyFile Client.cert --tlsCAFile RootCA.pem
I am not yet able to use both localhost and 127.0.0.1, and I am not able to use the IP (192.168.1.2) either. I have read that I should make use of subjectAltName, but I haven’t figured out how to do it. What I tried at this point failed.