- Type: Bug
- Resolution: Unresolved
- Priority: Minor - P4
- Affects Version/s: None
- Component/s: None
Propagate errors loading CA files or client certificates to error sooner.
Background
Failure to set up TLS often does not return an immediate error. For example, failure to load a CA file in Secure Transport logs an error, but does not return one to the caller.
Similarly, loading a non-existent CA file on Windows secure channel logs an error message, but does not propagate an error.
https://github.com/mongodb/mongo-c-driver/pull/1758 notes a case where an invalid path is given, but TLS surprisingly succeeds due to the system having the needed cert installed:
```c
mongoc_client_t *client = mongoc_client_new ("mongodb://localhost:27017/?tls=true&tlsCAFile=/nonexistant/ca.pem");
mongoc_client_command_simple (client, "admin", tmp_bson ("{'ping': 1}"), NULL, NULL, NULL);
// Logs error, but may return true if CA file is loaded from system store.
```
Propagating TLS errors sooner may help users identify invalid configuration.
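Until the driver propagates the failure itself, an application can refuse to build a client when the tlsCAFile named in the connection string is not readable. The following is an added example, not driver code: the helper names `uri_option` and `check_tls_ca_file` are hypothetical, it does not decode percent-encoded values, and it uses `access()` (POSIX), so it assumes a Unix-like host.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>
#include <unistd.h>

/* Copy the value of query option `key` (matched case-insensitively, as the
 * driver does) from a MongoDB connection string into `out`.
 * Returns 1 if the option is present, 0 otherwise. Hypothetical helper. */
static int uri_option (const char *uri, const char *key, char *out, size_t outlen)
{
   const char *q = strchr (uri, '?');
   size_t klen = strlen (key);
   if (!q) return 0;
   for (const char *p = q + 1; *p;) {
      const char *end = strchr (p, '&');
      size_t plen = end ? (size_t) (end - p) : strlen (p);
      if (plen > klen && strncasecmp (p, key, klen) == 0 && p[klen] == '=') {
         size_t vlen = plen - klen - 1;
         if (vlen >= outlen) vlen = outlen - 1;
         memcpy (out, p + klen + 1, vlen);
         out[vlen] = '\0';
         return 1;
      }
      if (!end) break;
      p = end + 1;
   }
   return 0;
}

/* Returns 0 when the URI has no tlsCAFile or the file is readable, and -1
 * (with a reason in `why`, which may be NULL) when it is not, so the caller
 * can fail before the driver silently falls back to the system store. */
int check_tls_ca_file (const char *uri, char *why, size_t whylen)
{
   char path[4096];
   if (!uri_option (uri, "tlsCAFile", path, sizeof path)) return 0;
   if (access (path, R_OK) == 0) return 0;
   snprintf (why, whylen, "tlsCAFile '%s' is not readable", path);
   return -1;
}

int main (void)
{
   /* Constructed URI with a CA path that does not exist, as in the report above. */
   const char *uri = "mongodb://localhost:27017/?tls=true&tlsCAFile=/nonexistant/ca.pem";
   char why[4200];
   if (check_tls_ca_file (uri, why, sizeof why) != 0) {
      fprintf (stderr, "refusing to connect: %s\n", why);
      return 1;
   }
   return 0;
}
```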