Currently, there is only the tlsCertificateKeyFile option (https://docs.mongodb.com/manual/reference/connection-string/) but the file must contain both certificate and key (mongo/options/clientoptions.go).

The crypto/tls package provides the LoadX509KeyPair function that "reads and parses a public/private key pair from a pair of files."  In light of this, it should follow that the mongo-go-driver also provide 2 connection string options for specifying the client certificate and client key files separately.  Using new option names will provide full compatibility.