It's not acceptable for me as well to have downtime when switching auth on.
You could solve it this way:
1) Add some auth token to your mongo database(s) using db.addUser("user", "pw"). Since mongo runs still without --keyFile option, mongo should ignore the auth tokens and behave normally.
2) Modify your application so it passes user/pw to mongoDB. Since mongo runs still without --keyFile option AND does not have any ADMIN user, mongo should ignore the auth tokens and behave normally.
3) Restart successively all servers with --keyFile option. Begin with slaves and then stepDown the master, so there is no downtime. ConfigServer and router are redundant so there is no downtime. However, this would require that mongoDB does not yet requires authentication as long as no ADMIN user has been registered.
4) Connect to the router and add an user to the admin database. Now, BOTH conditions (running with --keyFile option AND having at least one admin user) are true, hence mongo should now require authentication.
The advantage of this procedure is also that you could undo very fast mongo's authentication (just by removing the admin user) in case that some mongo clients had not been prepared for authentication or someting else went wrong with authentication.