http://docs.mongodb.org/manual/tutorial/configure-ssl/ starts off with setting up MongoD and MongoS with SSL using a self-signed certificates without high-lighting the risks with self-signed certificates i.e. being susceptible to MITM attacks.

A security aware person may know the differences and make appropriate choices to have a verified SSL setup, but most of our users depend on documentation to highlight any such risks. This came up recently in the linked CS ticket and I believe adding some warning there and to mention that using self-signed certificate is not something we suggest for normal deployment would be useful.

In it's current form, it looks like we suggest using self-signed certificates (since we are providing steps to create one without any further warning).