the requirements for the certificate for internal authentication are the following:
The Distinguished Name (DN), found in the member certificate’s subject, must specify a non-empty value for at least one of the following attributes: Organization (O), the Organizational Unit (OU) or the Domain Component (DC).
But in Let’s Encrypt certificate the Subject only contains domain name like this: CN = mongo-cl-01.example.com
What can I do to acquire OU, O or DC in the Subject of Let’s Encrypt certificate ?
Very simple: you can't. Let's Encrypt only issues Domain Validation certificates with information they can automatically validate. And that's just the hostname.
Assuming these are all servers you control and nobody external is connecting to them you can run your own certificate authority, you just install the CA root on all your machines, then all your certs are trusted. See for example: step-ca open source server — Smallstep