revert updates to crytogrpahy and pyopenssl

[markdboyd]

Changes proposed in this pull request:

We cannot upgrade to cryptography > 43 at this time because:

• pyca/cryptography has vulnerabilities for >= 37.0.0, < 43.0.1
• pyopenssl doesn't support cryptography > 43 until version 24.2.0
• pyopenssl 24.2.0 deprecates X509Req, which we need, otherwise we get these errors

 DeprecationWarning: CSR support in pyOpenSSL is deprecated. You should use the APIs in cryptography.

Things to check

• For any logging statements, is there any chance that they could be logging sensitive data?
• Are log statements using a logging library with a logging level set? Setting a logging level means that log statements "below" that level will not be written to the output. For example, if the logging level is set to INFO and debugging statements are written with log.debug or similar, then they won't be written to the otput, which can prevent unintentional leaks of sensitive data.

Security considerations

We are rolling back to a version of cryptography with known security alerts, but we have no choice until certbot/josepy#181 is resolved, which will happen when certbot/josepy#182 is merged.

[markdboyd]

Superseded by #403