Newer curl uses http2 by default, which results in
getssl: Error registering account ... JWS has no anti-replay nonce
Force http1.1 as a work-around.
Also add debugging info for "error in EC signing".
PUT now requires a relative domain name.
GET changed the order of name and data in the JSON.
Note: Due to the API changes, you may need to add
GODADDY_BASE to getssl.cfg. This is a space-separated
list of base domain names (zones) in which the challenge
responses are entered. There doesn't seem to be a way
around this that works in all cases, as the GoDaddy API
requires that the zone name be known.
rdbath suggested how to implement a timeout on s_client probes.
Unfortunately, wait -n is a bash 4.3 feature. So this requires
bash 4.3. CHECK_CERT_TIMEOUT can be used to override the default, which
is 4 seconds. Fallback is provided for older versions.
Views may require the 'nslookup' process to do something special, usually
provide a TSIG key or bind to a specific local address. Add a
hook for that - export the VARIABLE DNS_CHECK_FUNC_OPTIONS with the
desired options. Set DNS_CHECK_FUNC to the desired command, which
must be one of the supported ones: 'dig', 'drill', 'host' or 'nslookup'.
However, this turned up the fact that the dig/drill code had the domain
and record type arguments in the wrong order on the command line.
(The domain comes first, see the man page.) Fixed.
In some cases defining the previously undocumented PUBLIC_DNS_SERVER
may work. This commit adds it to the template file, and exports it
for the benefit of DNS_UPDATE scripts. Also AUTH_DNS_SERVER.
Squashed awk complaints about curl.header in some cases with debugging on.
Support older curl (--trace-time is somewhat recent)
-t FILE (or GODADDY_TFILE=FILE) will append command arguments
and all wire traffic to a file.
This provides all the information needed for debugging future issues.
all files
Simplifies installation; private directory no longer required since
the scripts don't need to be customized.
-v makes sure that the installer knows what is happening.
Old versions did not return correct exit status.
Did not provide for pre/post processing hooks (e.g. to mount a disk)
Required custom edits/copies for each instance.
These fix all those issues.
This implements a new variable OCSP_MUST_STAPLE which adds the OCSP Must-Staple detail to the SAN section of the CSR.
If the openssl version is >= 1.1.0, one can also use "tlsfeature = status_request".
See [this blog post](https://scotthelme.co.uk/ocsp-must-staple/) for more details.