self signed certificates broken with new requests

[RafalSkolasinski]

We used to set CURL_CA_BUNDLE="" in order to work properly with self signed certificates as documented in authlib docs.

Python requests in version 2.28 removes this method of setting verify=False via env variables.
Until we find another solution one can

pip install "requests < 2.28"

See:

• Self-Signed Certificate instructions needs an update authlib/authlib#474
• CURL_CA_BUNDLE= disables certificate verification psf/requests#6071
• Fix environment CA Bundle resolution psf/requests#6074