You didn't give much information on how your Parse Server is setup, but in my opinion the easiest way to accomplish what you want is to have a reverse proxy sitting between the clients and your Parse Server.
Like in this diagram:
In this setup, your clients are in the leftmost side and they access your servers through the internet; your Parse Server (and maybe your Mongo database) is located in the rightmost side of the picture (label "Servers") and the reverse proxy is in the middle. There are many reverse proxies on the market so you are free to pick the one that suits you the most, but my favourite is Nginx.
The reverse proxy is place where you will install the SSL certificate and it will be responsible to receive the requests from your clients. The clients will never access your servers directly (Parse & MongoDB). All connections will go through the reverse proxy; you just need to configure to reverse proxy to redirect the connections to the correct server (based on port, URL or any other option that you want).
As for the old clients that still access your server through http, without a SSL certificate, you can also configure the reverse proxy to redirect any http request to https before you send the request to the final destination.
Answering your last question: no, you don't need a SSL certificate on MongoDB. The SSL certificate that you install in the reverse proxy is enough.
