pkg/whitelist/gen: set InsecureSkipVerify based on DEBUG env var

[adamdecaf]

Following from https://github.com/adamdecaf/cert-manage/pull/192. I want to test each change separate and see if this is needed.

[adamdecaf]

I'm not a fan of this because setting DEBUG=1 might not imply you want InsecureSkipVerify.

[adamdecaf]

I'd rather add an -insecure flag.