removed IPv6 switch in favour of checking both IPv4 and IPv6

working nslookup for IPV6 and V4

In severly network access restricted environments, it might not be possible to reach $CODE_LOCATION (→ https://raw.githubusercontent.com/…).

Emphasized "will use untrusted by default"

It's entirely my fault for killing a production site for 10 minutes while I figured this out, and for not making a backup of the working private key and certificate, but I think it would help people to emphasize that it uses the staging server by default.

(Other than that, 10/10! So much simpler and better than the default letsencrypt client, loved it.)

Add Dnspod support

export  OPENSSL_CONF so it's used by all openssl commands

Better force_renew

Update template to include USE_SINGLE_ACL

Sometimes certificates are valid for many more years then 1 year.

OPENSSL_CONF needs to be set otherwise the SSLCONF option has no effect on the execution of all the openssl commands.

Added notice about ACL option requirement