Currently to connect with a client cert when using x509 it can be a little confusing, the user has to choose x509 from Authentication, fill in their username (prefixed with 'CN=' for atlas users) and then in the 'More Options' tab the user then has to select 'SSL' ->  'Server and Client Validation' and use the pem in both certificate and private key fields. The Certificate Authority in this case isn't used, and could be not included as it probably generates confusion.

To improve this I think we could show a warning when x509 is selected and the user has selected an invalid SSL method.