Description
Currently it is perfectly legal to pass `couchbase://....?certpath=?....`, however this may be confusing since the intent to specify ssl is clearly stated by the `certpath` option, but due to a simple one-letter typo, the connection might not end up actually using SSL.
Since there is no programmatic way to determine if SSL is in use, we need to be a bit more zealous in option validation.