Currently the Ruby driver only allows specifying one CA certificate per client. This can be an inconvenience when an application connects to database clusters of different companies, who are using different certificate authorities.

The patch proposed in 1774 / https://github.com/mongodb/mongo-ruby-driver/pull/1319 implements the requirement to support multiple trust roots, but was originally proposed for a different reason (to support certificate chains). Intermediate certificates should not be provided as certificate authorities as this permits effective verification bypass; however, the patch itself is the same change that is needed to support multiple roots.