DOCSP-44856: x509 authentication fixes

Author: norareidy

source/fundamentals/authentication.txt

@@ -286,8 +286,18 @@ When you specify this authentication mechanism, the server authenticates
 the connection by reading the following files:
 
 - A certificate authority (CA) file, which contains one or more
-  certificate authorities to trust when making a TLS connection
-- A certificate key file, which references the client certificate private key
+  certificate authorities to trust when making a TLS connection.
+  Before connecting to the server, the driver uses this file to verify that the
+  server's certificate is from the specified certificate authorities.
+
+- A certificate key file, which contains the client certificate 
+  and private key. The driver presents this file to the server to
+  verify the client.
+
+.. tip::
+
+   To learn more about X.509 certificates, see
+   :manual:`x.509 </core/security-x.509/>` in the {+server+} manual.
 
 To specify the ``MONGODB-X509`` authentication mechanism, set the
 ``mechanism`` field of your ``Credential`` struct to

source/includes/fundamentals/code-snippets/auth.rs

@@ -80,7 +80,7 @@ async fn main() -> mongodb::error::Result<()> {
         tlsCertificateKeyFilePassword = "<password for client key>"
     );
     let mut client_options = ClientOptions::parse(uri).await?;
-    let x509_cred = Credential::builder().mechanism(AuthMechanism::MongoDbAws).build();
+    let x509_cred = Credential::builder().mechanism(AuthMechanism::MongoDbX509).build();
 
     client_options.credential = Some(x509_cred);
     let client = Client::with_options(client_options)?;