Bug report

Bug description:

When accessing external HTTPS sites using requests with pip-system-certs and/or defined cacert with the entire certificate path included the following error appears in all versions of 3.13:
r = threatSession.get(baseURL + "/auth/new", headers=headers) #, headers = {"User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36"})
File "C:\Program Files\Python313\Lib\site-packages\requests\sessions.py", line 602, in get
return self.request("GET", url, **kwargs)
~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^
File "C:\Program Files\Python313\Lib\site-packages\requests\sessions.py", line 589, in request
resp = self.send(prep, **send_kwargs)
File "C:\Program Files\Python313\Lib\site-packages\requests\sessions.py", line 703, in send
r = adapter.send(request, **kwargs)
File "C:\Program Files\Python313\Lib\site-packages\requests\adapters.py", line 698, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='threatinsight.proofpoint.com', port=443): Max retries exceeded with url: /auth/new (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: Missing Authority Key Identifier (_ssl.c:1020)')))

This is working on versions <=3.12.10

CPython versions tested on:

3.13.0, 3.13.1, 3.13.2, 3.13.3, 3.13.4

Operating systems tested on:

Windows 11