ignore deprecation warnings from updated packages

[markdboyd]

Changes proposed in this pull request:

We have upgraded to cryptography > 43 because pyca/cryptography has vulnerabilities for >= 37.0.0, < 43.0.1

To upgrade cryptography, we had to update pyopenssl, since pyopenssl doesn't support cryptography > 43 until version 24.2.0.

However, pyopenssl 24.2.0 deprecates X509Req, which leads to these errors:

DeprecationWarning: CSR support in pyOpenSSL is deprecated. You should use the APIs in cryptography.

This issue is noted in certbot/josepy#181 and discussed in certbot/josepy#182.

Unfortunately, there is no clear fix for this issue right now. The maintainers of josepy are considering abandoning it for a new library, but there is no timeline on that change: certbot/certbot#8322

However, it seems like it is safe to ignore these warnings as long as we don't upgrade to josepy 2.x, as discussed in certbot/certbot#9993.

This PR ignores the deprecation warning and adds a version constraint to ensure that we don't upgrade to josepy 2.x

Things to check

• For any logging statements, is there any chance that they could be logging sensitive data?
• Are log statements using a logging library with a logging level set? Setting a logging level means that log statements "below" that level will not be written to the output. For example, if the logging level is set to INFO and debugging statements are written with log.debug or similar, then they won't be written to the otput, which can prevent unintentional leaks of sensitive data.

Security considerations

Ignoring the deprecation warnings allows us to stay on newer package versions, which include patches for known security issues

[JasonTheMain]

Looks good, less warnings!