The MongoClient supports SSL connections so it looks like there would need to be a couple configuration parameters 1) for the path to the truststore.jks and 2) another for the truststore password. You can then set the javax.net.ssl.trustStore within the code. Maybe the presence of those config parameters could then toggle the ssl option:
MongoClientOptions.builder().sslEnabled(true).sslInvalidHostNameAllowed(true).build()