Connecting to an encrypted mongod from an unencrypted mongo shell generates this clear server log:
however, from the mongo shell, the user sees:
which leaves no helpful clue about how to fix the issue. In a perfect world we would print something helpful like "ERROR: Cannot connect to encrypted server with unencrypted mongo shell. Try running mongo with --ssl." This could prove to be too complicated and hackish to implement properly, but would be nice for usability.