thinksabin / DTrackAuditor

DTrackAuditor is the python script to faciliate usage of DependencyTrack in the CI.
Apache License 2.0

Add Enable/Disable ssl verification feature #18

Closed MedMachhour closed 9 months ago

MedMachhour commented 1 year ago

When testing this wonderful tool, I got blocked when the Dependency-Track server is exposed with a bad SSL configuration or a self-signed cert on it. I saw the request calls; I think that maybe it would be interesting to add a flag from the environment variables to check whether we want to verify SSL or not while making API calls to Track.

jimklimov commented 1 year ago

I think #28 happens to address this need

thinksabin commented 1 year ago

Hi @MedMachhour, thanks for your feedback. I believe the latest merge request from @jimklimov addressed this. @jimklimov, thanks for your pull request. Can you please have a quick test with the latest version of the dependent libraries? I have bumped the versions of Requests and Certifi to the latest recommended by Dependabot.

jimklimov commented 1 year ago

@thinksabin: I am currently using this project as a sort of client library to talk to a local DT server using its API, so using whatever modules are installed in the system's python interpreter (e.g. not as a container nor even a module installed via pip with consideration for metadata such as dependency versions). So I am currently not in a position to easily "have a quick test with the latest version of dependent libraries", but I can confirm that it "works for me" on several environments at work (Win/Lin)...

With regard to HTTPS verification - yes, this works flexibly:

PR #31 collaterally builds on usability of this, with sanity-checks for resolved envvar/arg values, e.g. conversion to boolean or tapping upon non-absolute cert paths involved.
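As an added illustration of the two ideas in this thread (an environment flag that controls SSL verification, and sanity-checking the resolved value into a boolean or an absolute CA-bundle path), here is a small resolver written for this page; it is not DTrackAuditor's own code, and the variable name `DTRACK_SSL_VERIFY` is a hypothetical placeholder. The returned value is what would be passed as `verify=` to a `requests` call; the safe default when the variable is unset is to verify.

```python
import os
from typing import Callable, Mapping, Optional, Union

# Hypothetical variable name chosen for this example; not one DTrackAuditor defines.
SSL_VERIFY_ENV = "DTRACK_SSL_VERIFY"

_TRUE = {"1", "true", "yes", "on"}
_FALSE = {"0", "false", "no", "off"}


def resolve_ssl_verify(raw: Optional[str],
                       path_exists: Callable[[str], bool] = os.path.isfile) -> Union[bool, str]:
    """Turn an env var / CLI string into the value used for requests' ``verify=``.

    Unset or empty  -> True  (verify against the default CA bundle; the safe default).
    Boolean words   -> True / False (False disables verification entirely).
    Anything else   -> treated as a CA bundle path, which must be absolute and exist,
                       so a typo or a relative path fails loudly instead of silently
                       breaking (or appearing to enable) verification.
    """
    if raw is None:
        return True
    value = raw.strip()
    if value == "":
        return True
    lowered = value.lower()
    if lowered in _TRUE:
        return True
    if lowered in _FALSE:
        return False
    if not os.path.isabs(value):
        raise ValueError(f"CA bundle path must be absolute, got {value!r}")
    if not path_exists(value):
        raise ValueError(f"CA bundle file not found: {value!r}")
    return value


def verify_from_env(env: Mapping[str, str] = os.environ, **kwargs) -> Union[bool, str]:
    """Resolve the setting from a mapping such as os.environ (injectable for tests)."""
    return resolve_ssl_verify(env.get(SSL_VERIFY_ENV), **kwargs)


if __name__ == "__main__":
    # Constructed sample environments, not real configuration from the project.
    samples = ({}, {SSL_VERIFY_ENV: "false"}, {SSL_VERIFY_ENV: "certs/ca.pem"})
    for sample in samples:
        try:
            print(sample, "->", verify_from_env(sample))
        except ValueError as exc:
            print(sample, "-> rejected:", exc)
```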