- Type: Improvement
- Resolution: Unresolved
- Priority: Minor - P4
- Affects Version/s: None
- Component/s: None
- C Drivers
Request
Do not require elevated privileges to handle CA and CRL files for Windows Secure Channel.
Background
Windows Secure Channel handles the mongoc_ssl_opt_t::ca_file option (equivalently, the URI option tlsCAFile) and the mongoc_ssl_opt_t::crl_file option by importing them into the System Local Machine Store.
This has the consequence of requiring elevated privileges. As noted in this comment, running as a non-admin user resulted in:
Error opening certificate store: (0x00000005) Access is denied.
The server appears to instead use a memory store. I expect the C driver could do similar to avoid requiring extra privileges.
Motivation
I expect this is low priority. This was discovered internally. Importing has used the local machine certificate store since it was introduced. And if a user is unable to run with elevated privileges, they can import the CA / CRL using a separate tool (e.g. certmgr).
- is related to: CDRIVER-4463 Remove use of deprecated wincrypt.h functions
- Backlog